Data Protection Bill
As the enforcement of the General Data Protection Regulations (GDPR) draws ever closer, eNaycH would like to remind organisations in the United Kingdom to remember that they will also have to prepare for the introduction of the Data Protection Act 2018 once the Data Protection Bill is enacted into law.
Many have been highlighting the headline news and the fines insofar as the GDPR is concerned, but in a recent speech the Information Commissioner who regulates the legislation in the UK was keen to emphasise her other powers under the GDPR.
The GDPR increases and intensifies my regulatory armoury – from issuing warnings or reprimands to fining those that deliberately, consistently or negligently flout the law up to £17 million or four per cent of annual global turnover, whichever is greater. I can even stop an organisation from processing personal data.
So yes, this regulator will have teeth. But I prefer the bark to the bite and my office is committed to prevention over punishment.
Yes there is enforcement – but encouragement, engagement and education must all come first. Because at the heart of this law is the public. People. In the end, it comes down to building trust and confidence that organisations will handle their personal data fairly and in line with the law. When you understand and commit to that, compliance will follow.
Source : ICO
Would your organisation survive if ordered to stop processing personal data?
Data Protection Bill
What is it? Well, the GDPR gives EU member states limited opportunities to make provisions for how it applies in their country. One element of the Data Protection Bill is the details of these. However, the Bill is not limited to the UK GDPR provisions; it also brings the EU Data Protection Directive 2016/680 (Law Enforcement Directive) into domestic UK law, for example and other elements that are outside the scope of EU law.
The Bill is currently on it’s journey through Parliament, so please bear in mind that along with the GDPR, you will have to be ready for and updated on, the Data Protection Bill ready for enactment.
It is therefore important the GDPR and the Bill are read side by side.