May 25th 2018 – GDPR becomes law

 

May 25th 2018 – GDPR becomes law

This is the date the ICO has set for all organisations to align with GDPR.
 

Are there any legal implications for my business?

GDPR becomes law on May 25th 2018.  Therefore compliance to the requirements becomes a legal implication for your business on this date.

Steve wood, the Information Commissioner’s Office Head of International Strategy & Intelligence has quashed any suggestions of a soft start to GDPR. He stated “You will not hear talk of grace periods from people at the ICO. That’s not part of our regulatory strategy.”  He explained the ICO intend to focus on risk and will be happy to work with organisations if there are any areas that seem unclear but there will be no grace period.
 

What happens if my company does not comply?

Under the GDPR there are tiers of fines that can be imposed depending on the severity of breach.  The worst case scenario for fines are 4% of global turnover or £20M – whichever is greatest.

Not only are fines imposed, but the ICO  ‘name and shame’ businesses that are in breach.  This is not a new development – this is also the case under the DPA. More information can be found HERE.