GDPR | One Month To Go

You would have had to have been in hibernation over the winter months not to have heard of GDPR (General Data Protection Regulations)! The new regulations come into effect in May 2018 and organisations need to take the appropriate steps now to comply. 

In bringing data protection laws up to date, the stated aim is to give individuals more control of their personal data as well as simplifying the regulatory environment. 

However, these changes could mean huge fines for organisations that breach the law and pose formidable challenges as to how organisations will be required to store, delete and return data to individuals.

Here at Ashtons we can work with you to develop a compliance strategy. We look at you appointing a senior employee as data protection officer, undertaking an audit of personal data which are held and processed, we review the legal basis for processing such data, we draft new privacy notices, we review agreements with third parties who process data on your behalf, we establish a procedure to detect, report and investigate data breaches, we review and update your internal policies and procedures relating to data protection and develop a staff awareness programme.

We also provide training for data protection officers and other staff so they are aware of their obligations as well as drafting specific data processing agreements with third parties who process personal data on your behalf. Part of this is ensuring adequate data protection and information security provisions are incorporated in other contracts. 

Our team can also help you develop a compliant system for handling requests received from data subjects and if there have been any data breaches we work quickly and closely with IT security experts and PR consultants to help you to take enforcement action.

For individual advice or to find out more about our Data Protection Retainer Package, please contact James Tarling on 01473 849949 or james.tarling@ashtonslegal.co.uk