Flickr/perspecsys.com

Get ready for the new EU data protection law

WORKPLACE RIGHTS: Businesses need to start planning now for the 2018 data legislation as the financial penalties for non-compliance are steep.

by Michael Burd and James Davies
Last Updated: 24 Feb 2016

Political agreement has been reached on an EU-wide data protection law designed to create a 'one-stop shop', with a common set of rules applying across the continent. This will effectively replace the UK's current Data Protection Act.

The law bites on any area in which a business processes data on individuals (eg, customers, suppliers, users of a website). But it is probably in relation to employees that businesses process most data, in terms of both its range and quantity.

Importantly, the regime is backed up by a much fiercer penalty regime than presently applies. The maximum penalty for non-compliance will be 20m or 4% of an undertaking's worldwide turnover, if that is higher. This is likely to focus minds at board level in most organisations.

While the new legislation will not be implemented until 2018, extensive forward planning and preparation will be required. From the top down, organisations need to embrace a culture of taking data protection responsibilities seriously and should start identifying the policies, processes and training they will need to put in place to ensure compliance.

Michael Burd and James Davies work at Lewis Silkin LLP solicitors. Email them at: employment@lewissilkin.com

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Upcoming Events

Latest on MT

The reason women are less likely to get graduate jobs

The reason women are less likely to get graduate jobs

Despite the high priority employers give to diversity, the gender gap in graduate recruitment persists.

Why Philip Green's savaged reputation matters

Why Philip Green's savaged reputation matters

The retail tycoon is still rolling in wealth but his public image could be problematic - and what about that knighthood?

Only 'radical honesty' can rebuild trust in business, and save us from Green and Trump

Only 'radical honesty' can rebuild trust in business, and save us from Green and Trump

Philip Green and Donald Trump are harbingers of a post-trust future that can only be avoided by a progressive revolution in business leadership.

'Don't be governed by risk' - Pitcher & Piano founder Crispin Tweddell's start-up cocktail

'Don't be governed by risk' - Pitcher & Piano founder Crispin Tweddell's start-up cocktail

The entrepreneur-turned-investor shares his recipe for success - know your customer and be ready to take a chance.

How Mike Ashley can fix Sports Direct's reputation

How Mike Ashley can fix Sports Direct's reputation

His company's name has been well and truly sullied, but Mike Ashley still has the chance to reform it, through transparency.

Get ready for the 'Lego' organization

Get ready for the 'Lego' organization

In a rapidly changing world, businesses will become amalgams of building blocks that come together for specific purposes.