Changes to data protection rules will have major implications for your business
The General Data Protection Regulation (GDPR) is set to replace the Data Protection Act 1998 (DPA), marking the biggest overhaul to data protection in 20 years.
In short, organisations that collect, keep or use any information related to an individual, which can be used to directly or indirectly identify the person, have to reconfirm explicit consent to be able to use that information.
What constitutes personal data?
Personal data is anything from a name, a photo, an email address, bank details, posts on social media, medical information and even a computer IP address.
The new regulation is a step towards everyone having more control over how their personal data is used and how companies keep in touch with their customers. Many of its main concepts are similar to those in the DPA, so if you are already complying with the current legislation then most of your processes will still be valid under the GDPR. This is a good foundation to build on in order to comply with the new enhancements.
GDPR comes into force from 25th May, so there is very little time to get your house in order and ensure your data governance policies are ready. The consequences for not complying will be severe – you could face fines of up to 4% of your annual global turnover or €20 Million (whichever is greater).
To assist brokers, we have put together a short guide to help you understand how the new legislation will affect you, together with some useful tips and hints to make sure you stay compliant.
Visit www.crystalsf.com to find out more about Crystal Specialist Finance and our full service offering available to you.
Alternatively, contact our team of specialist finance experts on 01827 301 070.