Better Late Than Never: Protecting Data

Scroll Down
Home > Knowledge Hub > Better Late Than Never: Protecting Data
By Peter Kouwenberg
Partner – Head of Commercial

25 February 2020

Article Insights

The business world held its breath as 25 May 2018 came and went, the day which heralded the implementation of the General Data Protection Regulation (GDPR), two years after publication.

Guidance from the Information Commissioner’s Office suggested that the regulator would not necessarily flex its muscles immediately and seek to hit offenders with the maximum penalty (up to €20m or four percent of global turnover) for contraventions, whilst also highlighting the fact that businesses had already had ample time to get their houses in order.

It was over a year before the first major penalties were issued, with proposed fines of £183m and £99m to British Airways and the Marriott hotel chain respectively for failing to keep personal data secure. We can expect an increase in such cases, with possible criminal sanctions for more serious GDPR breaches.

Just as damaging is the bad publicity and reputational harm which a business can suffer following a data subject’s complaint that data has been obtained, stored or shared unlawfully.

For many organisations, it is a relatively straightforward task to conform to the new legislation. However, it is essential that all measures are clearly documented in order to demonstrate this.

Essential steps for any business include:

  • Auditing data flow and recording where data enters and leaves the business.
  • Documenting the lawful basis for each activity the business carries out with the data.
  • Implementing appropriate technical and organisational security measures.
  • Updating its contracts, particularly between data controllers and data processors.
  • Ensuring that data subjects are able to enforce their rights under the GDPR.
  • Sharing all information in an up to date Privacy Notice.

Contact Peter Kouwenberg at peter.kouwenberg@taylorwalton.co.uk or on 01582 390411 to arrange a free, no obligation meeting or telephone conference to discuss your data protection needs.

Disclaimer: General Information Provided Only
Please note that the contents of this article are intended solely for general information purposes and should not be considered as legal advice. We cannot be held responsible for any loss resulting from actions or inactions taken based on this article.

Insights

Latest Insights

22 November 2023

Employment Law Autumn Update – Recent Developments for Employers

In recent weeks the Government has announced a range of changes and proposed changes to employment law.  In this article… read more
21 November 2023

An update for the Building Safety Act 2022

A few months ago I wrote about an unfortunate loophole in the Building Safety Act 2022 (‘BSA’). The BSA 2022… read more
17 November 2023

Capping Ground Rents – The Consultation

Following the King’s Speech on 7 November 2023, the Government has begun a public consultation to discuss the potential capping… read more

Request a call back

We’ll arrange a no-obligation call back at a time to suit you.

SEND