Better Late Than Never: Protecting Data

Scroll Down
Home > Knowledge Hub > Better Late Than Never: Protecting Data
By Peter Kouwenberg
Partner – Head of Commercial

25 February 2020

Article Insights

The business world held its breath as 25 May 2018 came and went, the day which heralded the implementation of the General Data Protection Regulation (GDPR), two years after publication.

Guidance from the Information Commissioner’s Office suggested that the regulator would not necessarily flex its muscles immediately and seek to hit offenders with the maximum penalty (up to €20m or four percent of global turnover) for contraventions, whilst also highlighting the fact that businesses had already had ample time to get their houses in order.

It was over a year before the first major penalties were issued, with proposed fines of £183m and £99m to British Airways and the Marriott hotel chain respectively for failing to keep personal data secure. We can expect an increase in such cases, with possible criminal sanctions for more serious GDPR breaches.

Just as damaging is the bad publicity and reputational harm which a business can suffer following a data subject’s complaint that data has been obtained, stored or shared unlawfully.

For many organisations, it is a relatively straightforward task to conform to the new legislation. However, it is essential that all measures are clearly documented in order to demonstrate this.

Essential steps for any business include:

  • Auditing data flow and recording where data enters and leaves the business.
  • Documenting the lawful basis for each activity the business carries out with the data.
  • Implementing appropriate technical and organisational security measures.
  • Updating its contracts, particularly between data controllers and data processors.
  • Ensuring that data subjects are able to enforce their rights under the GDPR.
  • Sharing all information in an up to date Privacy Notice.

Contact Peter Kouwenberg at peter.kouwenberg@taylorwalton.co.uk or on 01582 390411 to arrange a free, no obligation meeting or telephone conference to discuss your data protection needs.

Disclaimer: General Information Provided Only
Please note that the contents of this article are intended solely for general information purposes and should not be considered as legal advice. We cannot be held responsible for any loss resulting from actions or inactions taken based on this article.

Insights

Latest Insights

24 April 2024

Navigating Inheritance in Modern Families: What Blended Families Need to Know About the Inheritance Act 1975

The traditional nuclear family is often no longer the norm. Blended families, cohabiting couples, and families with adopted or step-children… read more
17 April 2024

Judge refuses to set aside a Final Order of Divorce.

There has been a lot of media coverage concerning the case of Williams v Williams [2024] EWHC 733 (Fam).  This… read more
17 April 2024

Are you protected from Property Fraud?

For many people, property is their most valuable asset, and they want to ensure it is protected. Those without ample… read more

Request a call back

We’ll arrange a no-obligation call back at a time to suit you.

SEND