Implications of GDPR and new Data Protection Bill for employers

8 August 2017

Data protection legislation rarely leads the 10 o'clock news. It was with great media fanfare, however, that the Government announced the new Data Protection Bill yesterday. 

This Bill represents the most comprehensive evolution of data protection rights in 20 years. The heart of these new rules is European through and through. The Data Protection Bill will essentially mirror the provisions of the EU's General Data Protection Regulation (GDPR), which employers will be obliged to comply with in any event.

With Brexit on the horizon, the new Bill does appear to give some much needed clarity. The Government's guidance note strongly suggests that these rules will be in place far beyond Brexit once they come into force on 25 May 2018. Although, in reality, this was always likely to be the case so the UK could continue to do business with the rest of the EU efficiently.

There is a plethora of attention grabbing changes to the current regime:

  1. New and tougher rules on obtaining employees' consent for the processing of their data
  2. An enhanced 'right to be forgotten'
  3. Changes to the rules on data subject access requests
  4. A significant increase to the maximum fine for breaking the rules - now £17 million or 4% of global turnover
  5. A new criminal offence related to de-anonymising data

Implications for employers

So, how can your business see through the hype and appreciate what really matters - and what do you as an employer need to know in practical terms?

For these and other employment related questions, please read our blogs on what employers need to be doing now to prepare for the upcoming changes:

Alternatively, for more in depth analysis and practical guidance, there are still places available at our upcoming seminar on data protection - Managing employee data risks - Are you GDPR friendly and Brexit proofed?

At this seminar, we will be covering a range of issues including consent and recruitment; data management; subject access requests; and cross-border transfers.

If you would like to attend and get the inside track on how to make sure your business is protected, please click HERE for further information and to register.

Further information

For more information on the issues raised in this blog, please contact a member of our employment or data protection teams.

Share insightLinkedIn Twitter Facebook Email to a friend Print

Email this page to a friend

We welcome views and opinions about the issues raised in this blog. Should you require specific advice in relation to personal circumstances, please use the form on the contact page.

Leave a comment

You may also be interested in:

Close Load more

Skip to content Home About Us Insights Services Contact Accessibility