1 December 2017

Are you Business Ready for the General Data Protection Regulation (GDPR)?

The EU General Data Protection Regulation (GDPR) comes into effect on 25 May 2018 and it will be a significant shake up of the existing data legislation.

There will be wide reaching effects on all organisations that collect, manage, process and store personally identifiable and sensitive data. This means there is a fundamental requirement that organisations protect and appropriately manage customer, employee and stakeholder information in accordance with the new Regulation.

There will need to be Board level accountability for the GDPR legislation, as there will be requirements for clear governance and reporting to ensure compliance. Breaches of data will have significant consequences in terms of financial penalties, criminal prosecution and damage to reputation.

The GDPR places greater emphasis on the documentation that data controllers must keep to demonstrate their accountability. For example you may need to review the contracts and other arrangements you have in place when sharing data with other organisations.

Guidance is still evolving, but the Information Commissioner’s Office (ICO) has very useful resources to help you on the journey to compliance and they are there to help.

• Preparing for the GDPR
• Getting Ready for the GDPR

Build UK will hold a Member Briefing on how best to prepare in January 2018. Details will be circulated shortly to Members. In the meantime, if you have any questions please contact Jenny House.