When are these changes made?
The GDPR will be enforced, meaning UK organisations only have a short amount of time to ensure they are compliant with the new rules. The GDPR was introduced to keep up to date with the changes in the digital landscape of technology.
Key changes that have been introduced
Organisations will have to adapt to a number of key changes from the GDPR, some of which have been listed below:
- The definition of personal data – is more broad, meaning more data can be bought into the regulated perimeter
- When processing children’s data, consent is necessary
- Obtaining valid consent rules have changed
- New requirements for data breach notifications
- Data subjects now have a right to be forgotten
- There are new requirements for data portability
Penalties that organisations could face
This regulation can impose more tough penalties than what the current Data Protection Act offers. Companies that are found breaching these rules can find themselves with a fine of 4% of annual turnover or £20 million.
Fines on such a level can lead to business insolvency. But, to make sure your company complies with such rules, get the help of an expert team such as Cloud Works, so they can guide you through the best steps to take, to avoid any breaches.