Brewers Chartered Accountants

Businesses prepare for Data Protection changes

The British Chambers of Commerce (BCC) is urging businesses to prepare for the General Data Protection Regulation, which comes into force from 25 May 2018.

All businesses holding personal data will need to ensure their procedures are fit for purpose and comply with the new rules.

Legislation will affect UK businesses post-Brexit and, if found to be non-compliant, may result in potential fines of up to €20 million, or 4% of annual global turnover.

The BCC has issued the following guidance to its members:

  • Organise personal data the company holds, where it is sourced from and who it is shared with.
  • Review privacy notices and plan for changes before the new law comes into force.
  • Review the process of seeking and obtaining records consent from individuals.
  • Ensure procedures are in place to detect, report and investigate personal data breaches.
  • Designate a Data Protection Officer (if needed) to take responsibility for data protection compliance.

David Riches, executive director at BCC, said:

“The General Data Protection Regulation is intended to reflect modern working practices in the digital age and will strengthen consumer trust and confidence in businesses. 

 “With 12 months to go, there are procedures businesses should be reviewing to determine what changes may need to be introduced to be compliant. 

“Businesses that are already vigilant about their data protection responsibilities won’t be unduly burdened by the new legislation.”


Back to News Index

« Read Previous

Read Next »