Pages
, 11, 11C, 12, 13, 14, 15, 16, 17, 1831, 186, 188, 19, N2076
Default banner
Ideas
Information
Impact
GDPR: The basics
Blog cover
Croner
The IPG
Posted by IPG
414 views |
0
In the first of a series of blogs about changes to data protection laws, the IPG’s business support helpline Croner explains some of the basics of GDPR

What is GDPR?

GDPR stands for General Data Protection Regulation. It replaces the UK’s Data Protection Act, and brings in a strict set of new rules concerning privacy and data security, while imposing penalties on businesses that violate them. It will give people much more control of their personal data and how it is used.

Why is the legislation changing?

Because digital technology has moved forward far more rapidly than the law. GDPR is considered necessary to help the law catch up with the fast-evolving digital environment.

When do the changes come into effect?

On 25 May 2018, across the European Union.

What rights does GDPR grant?

GDPR gives people about whom your business holds data new rights, including these eight.
1 The right of access. Subjects will be entitled to access their data and find out how you are using it.
2 The right to rectification. People can ask you to update any inaccurate or incomplete data.
3 The right to restrict processing. Businesses may be allowed to store but not process personal data.
4 The right to data portability. This allows people to get some of their data from you for their personal use.
5 The right to erasure. You can be asked to delete or remove people’s data; this is commonly called ‘the right to be forgotten’.
6 The right to object. People can opt out of you profiling them based on their data, direct marketing or research.
7 The right to be informed. This means your privacy notice must state how you process information fairly.
8 Rights in relation to automated decision making and profiling. This gives people protection against mistakes or decisions where humans are not involved in data processing.

What do I need to do?

Changes will vary by business, but here are seven things to consider.
1 Create a register of the personal information you hold, where it came from, and who you share it with.
2 Put in place a process for handling requests for any data you hold. It should include details of how quickly you will respond, how you will provide it and how you will assure requesters that they own it. You should ensure you can honour the rights of anyone who asks for their data, and be able to prove that you have removed data if requested to do so.
3 Get consent to store, manage, maintain and use personal data or consider what other rights you may have to process personal data.
4 Make sure people in your business know the law is changing, and nominate a responsible person to be your Data Protection Officer or representative, as applicable.
5 Review the current privacy notices for the data you store and prepare to change them for GDPR.
6 Decide if you need a system for identifying the age of individuals and whether you need parent or guardian consent.
7 Have an emergency plan in case you lose data or someone steals it.
Croner has more detailed advice about GDPR in this white paper. IPG members have free access to the Croner Business Support Helpline, which provides advice on issues including law, HR, tax and much more. For details of how to access the Helpline, click here.

Related blogs

Click to reply

Have your say

Want to have your say on this blog post? Add a title of your message along with your actual message in the fields below.
Alternatively, if you just want to be notified when someone else makes a comment, use the 'watch' option here when you're logged in and we'll send you an email to let you know.

Pages

New on the blog

22049849_1515824371817817_3635154117229887022_n
Posted by IPG
​Four popular speakers and chairs from recent IPG Conferences share their advice for sharpening up presentation skills​ - read more ➥
EmilyLabramBlog
Posted by IPG
Bibliocloud's Emily Labram looks back on an IPG Autumn Conference session and suggests some ways publishers can use their founding 'Why?' to become... - read more ➥
SchofieldAndSims
Posted by IPG
An introduction to century-old education publisher Schofield & Sims - read more ➥