Data Protection

Data Protection

The UK Data Protection Act 2018 (DPA 2018) has now replaced its predecessor.  It is based on the EU General Data Protection Regulation (GDPR) which came into force in May 2018.

The Data Protection Act 2018 controls how your personal information is used by organisations, businesses or the government. The UK’s implementation of the Data Protection act has transformed how personal data is collected, shared and used globally.GDPR is a global data protection law passed by the European Union that shifts the ownership of customer data from the organisations that use it, to the individual customer.

Data Protection for Small and medium-sized enterprises (SMEs)

Though GDPR came into effect in May 2018 it is estimated that two-thirds of small businesses have still yet to begin compliance. Email Verifierhas found that just 36% of UK SMEs believe they are GDPR-compliant. We understand that;

  • new legislations can be overwhelming for smaller businesses; and
  • a common thought is: ‘only large corporation’s needs to comply’, but that is simply myth.
How can we help you become compliant?

At H2 we can provide you with a free consultation to get your compliance journey started. It’s not difficult or too expensive to align your business processes to DPA 2018 compliance.Our aim is to meet your business level with the correct service that you need.

H2 will help you as a business identify how and where the DPA 2018 Act can be applied:

  • determine whether you process personal data as a ‘controller’ or ‘processor’.
  • understand the differences between the DPA 1998, the GDPR and the DPA 2018, as well as how to use them.
  • identify gaps in your records management processes.
  • take control of data sharing and subject access.
  • assess your compliance with data protection, with regards to cyber security in the office and remote working.

Start with a free consultation, contact us today on 01733 602183/01780 678199 or through our website. >

General Data Protection Regulation GDPR

What about Data Subjects under the age of 16?
Parental consent will be required to process the personal data of children under the age of 16 for online services; member states may legislate for a lower age of consent but this will not be below the age of 13.

What is the difference between a regulation and a directive?
A regulation is a binding legislative act. It must be applied in its entirety across the EU, while a directive is a legislative act that sets out a goal that all EU countries must achieve. However, it is up to the individual countries to decide how. It is important to note that the GDPR is a regulation, in contrast the the previous legislation, which is a directive.

Does my business need to appoint a Data Protection Officer (DPO)?
DPOs mustbe appointed in the case of: (a) public authorities, (b) organizations that engage in large scale systematic monitoring, or (c) organizations that engage in large scale processing of sensitive personal data (Art. 37). If your organization doesn’t fall into one of these categories, then you do not need to appoint a DPO.

How does the GDPR affect policy surrounding data breaches?
Proposed regulations surrounding data breaches primarily relate to the notification policies of companies that have been breached. Data breaches which may pose a risk to individuals must be notified to the DPA within 72 hours and to affected individuals without undue delay.

Will the GDPR set up a one-stop-shop for data privacy regulation?
The discussions surrounding the one-stop-shop principle are among the most highly debated and are still unclear as the standing positions are highly varied. The Commission text has a fairly simple and concise ruling in favor of the principle, the Parliament also promotes a lead DPA and adds more involvement from other concerned DPAs, the Council’s view waters down the ability of the lead DPA even further. A more in depth analysis of the one-stop-shop policy debate can be found here.

For more information on GDPR, please contact us today on 01480 718311 or through our website >

Contact us today about this service

If you would like to know more about our range of services here at H2 then please contact us today on 01733 602183 or 01780 678199 or complete our contact form.

Click here to get started >