What’s new in 2018: GDPR
As 2017 is coming to an end, it is a time of not only reflection but also an opportunity to look ahead to what 2018 may bring and what that means for your business.
You will have probably seen numerous articles and LinkedIn posts on the up coming General Data Protection Regulations (GDPR) that are due to come into force on the 25th May 2018. A lot of these posts relate to the changes and how businesses will have to comply.
Here is a quick breakdown of some of the key points of GDPR:
- Data Protection Officer (DPO) – each organisation that processes personal data will now have to appoint a DPO who will be responsible for how that organisation implements GDPR. They will also have special employment rights.
- Consent – an individual has to ‘opt in’ rather than ‘opt out’ and the act of opting in must require the individual to take affirmative action, for example a pre-ticked box confirming consent will no longer be sufficient, the client must tick the box themselves. It must also be just a easy for the individual to opt out at a later stage as it was to opt in.
- Privacy Notices – Organisation now have to explain to the individual the reasons for processing the data and what the data will be used for. This means that the privacy notices on websites etc will need a re-draft to comply with the new regulations.
What does this mean for your business? Does it impact you? What commercially viable solutions can be found? These are the questions that face your business in 2018 and a failure to comply with GDPR could lead to significant fines being imposed.