Get ready for new data protection rules

Fleur Lewis is a partner at Bishop Fleming Accountants Fleur Lewis is a partner at Bishop Fleming Accountants

Following the government’s intention to introduce a new Data Protection Bill, businesses face new regulatory burdens in order to provide greater safeguards for individuals, writes Fleur Lewis, partner at Bishop Fleming Accountants.

Data Protection Bill contents
In summary, the bill will:
Make it easier for individuals to withdraw consent for the use of their personal data
Allow individuals to request that their personal data held by companies is erased
Enable parents and guardians to give consent for their child’s data to be used
Require explicit consent to be necessary for processing sensitive personal data, and scrap reliance by companies on default opt-out or pre-selected ‘tick boxes’.
Expand the definition of personal data to include IP addresses, internet cookies and DNA
Update data protection laws to reflect the evolving digital economy
Make it free and simpler for individuals to ask an organisation to reveal the personal data it holds on them
Make it easier for customers to move data between service providers

A key headache for businesses that collect personal data will be the requirement to show how and when they obtained explicit consent for the information they hold from the individuals concerned. Further regulations and guidance are expected on this issue.

Right of access
Individuals will be able to request, free of charge, a copy of their personal data that is being processed. A ‘reasonable fee’ can be charged for additional copies.

Data breaches
Businesses will have to notify the Information Commissioner’s Office within 72 hours of a data breach taking place, if the breach risks the rights and freedoms of an individual. In cases where there is a high risk, businesses must notify the individuals affected.

The Information Commissioner will be given greater powers to regulate the protection of data, including the ability to issue fines of up to £17m or 4% of an organisation’s global turnover for serious breaches of data.
Organisations also face unlimited fines where they intentionally or recklessly identify individuals from anonymised data.

Action points
Firms will have to record what personal and personally sensitive information they hold in manual and electronic files, along with details of management responsibility for that data, and policies on storage and deletion.
A risk assessment may be required where the processing of information is considered to be on a large scale or risky.
Businesses which process certain categories of data will have to appoint a data protection officer to advise on data issues, handle complaints and ensure compliance with the rules.

Cloud-based solutions
Major companies such as Microsoft and Google offer cloud-based services that can encrypt stored information, to make sure it cannot be used if stolen. Firms may wish to use these services in future as a way of complying with data protection rules.

Further information
The Information Commissioner’s Office has an area on its website with more information, including a 12-step guide on action to take.

Latest Press Releases

WesCom Signal and Rescue shortlisted for the 2018 Safety at Sea Awards

The world’s leading supplier of marine distress signals, WesCom Signal and Rescue announces it has b... Read more

Torqeedo appoints Engines Plus Ltd as new UK canal boat sector dealer ahead of inland waterways festival, Crick Boat Show

Torqeedo has appointed Engines Plus Ltd, a leading engine dealer, to be the UK dealer for the canal ... Read more

Torqeedo Showcases Latest Innovations in Sustainable Marine Propulsion Technology at Seawork International

Crystal Lake, Ill. – May 23, 2018 – Torqeedo will demonstrate the latest developments in electric ma... Read more


Leading Audio Manufacturer Unveils Groundbreaking RA770 and SRX400 Audio Entertainment Systems Read more


Leading Audio Manufacturer Announces Powerful Plug and Play Solution with Bluetooth Streaming Read more

Experts Highlight Viable Power and Propulsion Solutions for Next Generation Vessels

Lithium-ion battery expert Dr John Warner is presenting at the NEXT GENERATION Marine Power & Propul... Read more

View all