Blog
Kingsley Napley’s Medical Negligence Team ‘walks together’ with the Dame Vera Lynn Children’s Charity
Sharon Burkill
12 April 2017
Further chinks in the armour? EU-US Privacy Shield and the concerns of MEPs
In a resolution adopted on 6 April 2017, Members of the European Parliament (“MEPs”) expressed their “alarm” over several recent changes to the US privacy law regime. The resolution, passed by 306 votes to 240 with 40 abstentions, comes amidst growing concerns that President Trump and the US Congress are withdrawing from commitments made by the Obama administration in relation to US obligations under the EU-US Privacy Shield.
3 April 2017
SaaS providers: are you ready for the new data protection regime?
In just over a year (25 May 2018), the EU General Data Protection Regulation (the “Regulation”) will replace the Data Protection Act 1998 (“the DPA”) and come into force in the UK. This will be just under a year before Brexit. In any event, the Regulation would still apply to all companies who intend to do business with the EU and handle the personal information of European citizens.
6 March 2017
Data Protection – practical guidance from recent case law on subject access requests
We have previously published our ‘Top 10 Tips’ for both making and responding to subject access requests (“SARs”) under the Data Protection Act 1998 (“DPA”).
Two recent cases - Holyoake v Candy and CPC Group Limited and Dawson-Damer v Taylor Wessing LLP – considered a number of issues that are important in practice. Of particular interest is how this effects the circumstances in which SARs can (or cannot) be legitimately resisted. We have drawn together the key lessons learned, which complement our earlier guidance.
2 February 2017
The GDPR: What do employers need to be doing now?
The General Data Protection Regulation (the GDPR) will come into force on 25 May 2018. This might feel like a long time away on a cold winter’s morning, but ensuring your business is ready to comply by that date is unlikely to be a “quick fix”. The GDPR is complex and, as you will see from our blog series, broad ranging in its scope. In this blog, I’ve summarised what I believe will be the 8 key employment related issues for businesses as they ready themselves for the changes to the data protection regime, and the key immediate action points to consider.
26 January 2017
Entrepreneurs and small businesses need to prepare now for the new data protection regime
“We’re all going to have to change how we think about data protection”, the Information Commissioner noted at a lecture for the Institute of Chartered Accountants last week (full text here). Those that are familiar with the new General Data Protection Regulation (GDPR) will know that she is absolutely right about this. Brexit is not going to “intervene” in that respect - the GDPR will have come into force before the UK leaves the EU. In any event, for those that want to do business in the EU (for example, by offering goods or services to individuals in the EU), they will need to comply.