GDPR: What is it, and how has its enforcement affected businesses?

The General Data Protection Regulation (GDPR) is the Government’s new legislation, which companies must comply with by law. The previous data protection laws, which were enforced in the 1990s, are no longer sufficient to keep information secure across businesses, since they are no longer compatible with the ways that businesses are now run. Companies are much more reliant on technology when dealing with sensitive data, so Europe needed a new policy that could keep up with this.

25th May 2018 saw the introduction of the new GDPR law in Europe, which requires that all personal data breaches that are in danger of harming the affected individual are reported to data regulators. The affected individual must also be notified in high-risk cases. Since technological devices are now used in most businesses to manage sensitive data and access client information, it’s essential that action is taken to minimise the risks that come with this, which can include viruses and the threat of internet hacking, ultimately posing a risk to the privacy of sensitive information. The GDPR aims to minimise these threats, whilst addressing any potential data breaches as soon as possible.

Since the enforcement of these new laws, businesses have had to seek consent from clients with regard to the handling of their contact details and personal information, such as opting them in to email marketing. The GDPR also assigns more power to customers and clients, who have the right to access their own information as and when they require it; similarly, clients have the right to request that their data is withdrawn from the company, and this must be adhered to. The customer also gains the right to be notified of any data breaches that could affect them, and the ability to transfer their data from one provider to another.

At Cluer HR, since the enforcement of the new GDPR regulations, we have undertaken training to develop our knowledge and enhance our service. This has involved creating a GDPR Q&A for clients, and adding a GDPR section into our employee handbooks in order to help them gain a greater understanding of these changes. We have also since updated our privacy statement and changed the way in which we handle and store data.

It’s essential that all EU businesses seek to comply with these regulations. Businesses that fail to address these changes and fail to report data breaches where necessary can face very high fines. If you’re wondering how you can best incorporate this legislation into your workplace, don’t hesitate to contact one of our expert HR advisers today.
