Expertise : General Data Protection Regulation
What is GDPR?
GDPR is the General Data Protection Regulation; an EU sanctioned directive that enhances the 1998 Data Protection Act. It was passed by the EU in April 2016 and a two year grace period was given for organisations to become compliant.
Many of the concepts and principles are much the same as current legislation. If your organisation is complying with the current law then some of your approach to compliance will remain valid under GDPR and can be the foundations for your organisation to build upon.
Who does GDPR effect?
The legislation will affect any organisation that is involved in the regular processing (collection, storage and usage) of certain categories of personal data on EU citizens. This includes data held by companies not within the EU.
When does it come into effect?
GDPR legislation comes into enforcement on 25 May 2018.
What can happen if you are non-compliant?
Currently, the penalty for non-compliance is purely financial. Organisations will be fined for failing to comply, with the maximum fine being 4% of total global turnover or €20 million, whichever is greater.
How can Auditel help?
Auditel’s consultant network are available to help you through your GDPR journey.
We understand that every organisation is unique, and that is why each client deserves a bespoke service to fit their business needs.
With the deadline fast approaching; the time to act is now. To start your GDPR journey with Auditel, please complete the form below and a member of the team will be in contact.
For more detailed information on GDPR please visit the ICO website.