GDPR : General Data Protection Regulation

The GDPR is the strongest set of data protection laws in the world and currently covers the whole of Europe including the United Kingdom. It was mutually agreed and has been enforced since May 25th 2018. The purpose was to develop and modernise the pre-existing protection laws around individuals personal data.

The data protection laws that used to cover Europe hadn’t been significantly updated since the 1990s and so had not accounted appropriately for the huge technological advances that have been made since then. The way that personal data is now processed and profited on required a sophisticated new set of rules to ensure peoples personal data was not being unethically used without their full consent and this is what the GDPR provides. GDPR not only drastically influences the ways in which businesses and public sector organisations can handle the information their customers but it also gives the customers more control over their own information.

One of the brilliant ways that GDPR has put more power into the hands of the individual is by scrapping the cost of requesting a Subject Access Request (SAR). This previously cost £10 per request. When someone makes an SAR the business has one month to gather all that individuals data that they have held and issue it to them. This will enable individuals to have more control over their own data.

Any individual, organisation or company that are either controllers of processors or personal data will be covered by GDPR and must comply. GDPR and other data protection laws rely on the term ‘personal data’ when information about individuals is mentioned. There are two main types of ‘personal data’ that is ‘personal data’ and ‘sensitive personal data’.

Personal data as well as sensitive personal data will be protected by GDPR.

Personal data encompasses a complex and broad category of information but to put it simply it is any piece of information that can be used to identify an individual, so this could be anything from birthday to your IP address. Sensitive personal data includes anything consisting of racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, data concerning health or data concerning a natural person’s sex life or sexual orientation.

The conditions that have to be met for an organisation to process special category data are as follows:

  • Explicit consent
  • Employment, social security and social protection (if authorised by law)
  • Vital interests
  • Not for profit bodies
  • Made public by the data subject
  • Legal claims or judicial acts
  • Reasons of substantial public interests (with a basis in law)
  • Health or social care (with a basis in law)
  • Public health (with a basis in law)
  • Archiving, research and statistics (with a basis in law)

One of the main improvements and differentiators between GDPR and other data protection acts is that not only does GDPR protect individuals personal data and sensitive personal data but it also protects pseudonymised personal data – if it is possible that a person can be identified by a pseudonym.

One of the ways that GDPR has been able to be more rigorous with their enforcement is that they will fine businesses that do not comply. The GDPR states that small offences can result in fines up to ten million euros or two percent of the firm’s global turnover, whichever is greater. This is a much more significant fine than the previous maximum fine the ICO could issue of £500,000.

Since the UK has left the EU the UK’s 2018 Data Protection Act will kick in soon. The UK’s 2018 Data Protection is an almost identical copy of GDPR so that there will not be any huge changes to the data laws. So post Brexit the right of EU citizens will still be protected by GDPR and business and organisation will not have to change their policies but for organisations that move data between the European Economic Area and the UK there could be some minor changes as the UK will no longer be technically be a part of GDPR.

GDPR and all data protection laws are constantly evolving and it is close to impossible to always be fully GDPR compliant, especially when the services you provide are evolving at the same time. The UK information commissioner has stated she will not be trying to find companies to make examples of and issue them with the maximum penalty straight away as she understands what a big shift this can be for companies. The ICO wants to initially take a collaborative approach to enforcing compliance however they will be much more lenient on those companies who have shown that they are making attempts towards compliance than those companies who have not done any work around it at all.

How TopSource can support you

TopSource has set up a fast-track payroll service to make this easy, guaranteeing a simple on boarding experience to support compliance in as little as four weeks.

Simply contact us to find out more.

If you’re a TopSource customer, we can provide you with a separate payroll for off-payroll workers. You can email contactus@topsource.co.uk or call 0203 6915303.

8 Replies to “GDPR : General Data Protection Regulation”

  1. I wanted to put you the tiny remark to be able to say thanks a lot over again on the pleasing strategies you have provided in this case. It was really shockingly open-handed with you to make publicly precisely what many of us would’ve offered for an ebook to get some money for themselves, notably now that you might have tried it in case you desired. These solutions in addition served to be the good way to know that other people online have the identical interest really like my personal own to learn more and more related to this matter. I am sure there are numerous more pleasant periods in the future for many who read carefully your site.

  2. Thank you for each of your hard work on this web page. My aunt really likes going through investigations and it’s really obvious why. Most of us learn all of the lively method you offer practical strategies through this web site and even increase participation from some other people on the issue so our favorite girl is in fact learning a lot of things. Take advantage of the rest of the year. You are always doing a really good job.

  3. Thank you for every one of your labor on this web site. My daughter really loves making time for investigations and it’s really obvious why. Most people learn all regarding the lively mode you present reliable tactics through this web site and even inspire participation from some others on the point then our favorite princess is now starting to learn a whole lot. Take advantage of the rest of the year. You are always doing a remarkable job.

  4. I’m just commenting to let you be aware of of the exceptional discovery my cousin’s child enjoyed going through your blog. She discovered a wide variety of details, most notably how it is like to have a very effective coaching heart to get many more effortlessly fully understand certain extremely tough matters. You actually did more than my desires. I appreciate you for displaying such helpful, healthy, educational and also cool guidance on that topic to Evelyn.

  5. I simply wanted to thank you so much once more. I do not know what I would’ve taken care of without these suggestions shared by you regarding that subject. It was an absolute intimidating problem in my position, nevertheless taking a look at this specialized style you solved the issue took me to leap with happiness. I will be happy for your service and thus sincerely hope you really know what an amazing job you have been putting in teaching some other people using your webblog. Most likely you haven’t got to know any of us.

  6. My wife and i have been really more than happy when Louis managed to finish off his research using the precious recommendations he made through your web site. It is now and again perplexing to simply find yourself making a gift of steps which often some other people may have been trying to sell. Therefore we realize we need the writer to give thanks to for this. The specific illustrations you made, the straightforward web site navigation, the relationships you will help to instill – it is most remarkable, and it is leading our son in addition to us reason why this subject is fun, which is seriously pressing. Thanks for the whole lot!

  7. I simply needed to thank you so much once again. I am not sure the things that I would’ve made to happen without the type of secrets provided by you on such a question. It seemed to be a very frustrating issue in my opinion, however , observing the very specialised strategy you processed that made me to leap over gladness. I am just happy for this information and in addition pray you know what a great job you happen to be getting into teaching people thru your web page. More than likely you have never got to know any of us.

Leave a Reply

Your email address will not be published.