The European Data Protection Regulation (GDPR)

In January 2016 the draft Directive 95/46/EC was released.  

More commonly known as the European Data Protection Regulation, this draft legislation is designed to harmonise the data protection laws in place across the EU. It is vitally important that all businesses and organisations understand what it means and how it will affect them.
Once the legislation comes into effect the European Union will have the most stringent data use and protection laws in the world with serious fines for breaches.
Being a “regulation” instead of a “directive” means the legislation will apply to all EU member states directly, without the need for individual states to implement it through their own legislative processes.

It includes:

  • Rigorous requirements for obtaining consent for collecting personal data.
  • The age of consent for collecting an individual’s data increased from 13 to 16 years old.
  • Data to be deleted if it is no longer used for the purpose it was collected.
  • Deleting data if the individual revokes consent for the company to hold the data.
  • Notifying the EU government of data breaches within 72 hours of learning about the breach.
  • A single national office for monitoring and handling complaints.
  • Firms handling significant amounts of sensitive data or monitoring the behaviour of many consumers will be required to appoint a data protection officer.
  • Fines up to €20m or 4% of a company’s global revenue for non-compliance.

All organisations and businesses will need to adopt new approaches to the collection, processing and use of data. There will be prescriptive rules for demonstrating and evidencing compliance.
Privacy and data protection will need to be embedded into everything, and those providing information will need to be given explicit and full information on what will happen to the personal data they give. Individuals will be able to exercise their “right to be forgotten”, including the right to demand that their data is not used.
One of the biggest challenges will be meeting the rules regarding data transfer, especially data transfer out of the EU, for example to foreign-based cloud storage and email servers.

