Welcome to the June 2017 edition of Web Talk, helping Kirklees website owners to prosper online
Are you aware of changes to data protection that have come into force in the EU?
The change in legislation called the General Data Protection Regulations (GDPR) is already having a significant impact on UK businesses, and it is not even being enforced until May 2018 – are you ready for GDPR?
What is GDPR?
GDPR replaces the Data Protection Act 1998 and affects all businesses that hold data about individuals – so basically all businesses.
Next year, as individuals, we will have the right to contact any UK entity and request the data that it holds about us and what it has been used for, and the business is legally obliged to respond (at their cost) within 30 days.
Despite the UK getting ready to ‘Brexit’, the legislation will be upheld and it affects not only businesses based in Europe, but any business that trades in Europe and handles the data of European citizens.
This change in legislation is so huge, but it seems that many businesses are not prepared for it.
No longer is a simple ‘opt in’ enough, businesses are expected to have approval for all future communications, but this is not the only difference with GDPR.
What are the differences from the Data Protection Act?
The change in legislation has implications for all businesses handling data, it applies to the data processors (businesses like Ascensor that process data on behalf of our clients, for their clients) as well as the data controllers (the businesses that have acquired the data).
All businesses with or without websites will be affected, but clearly any business that has an online profile will be affected in some way, due to the mailing lists that are held.
Other significant changes include the definition of data. Data now includes ‘anything that enables an individual to be identified’ and includes pseudonyms and account names, cultural and health-related information and even IP addresses.
As individuals can now request ‘all’ information from businesses, businesses need to be ready for this change in legislation or the costs of compliance will be significant.
The cost of non-compliance will however be a lot more, with fines reaching into the hundreds of thousands for businesses found to be mis-using individual data.
As businesses start to get ready for GDPR it is vital that any customer data that is held on web servers and in the cloud is secure and records are available to help them identify the data upon request.
This is one of those laws that will creep up on us – so make sure you have things in place before it does!
• To read more on this and other subjects, please visit the blog at www.ascensor.co.uk/blog.
For more information contact firstname.lastname@example.org
Connect on LinkedIn: andrewjfirth
Ascensor are a digital agency providing website design, ecommerce and search engine optimisation.