Data protection: What you need to know
Nath solicitors is a specialist boutique law practice based in London. We are highly experienced in advising large multinational companies as well as private companies’ start-ups entrepreneurs and individuals. Data and Privacy. Here are some simple guidelines we have produced and which are designed to be of help to those who may not have considered the risks in holding storing or processing personal data.
Definition Data protection is, as it suggests, the protection of personal information used by governments or businesses. Those responsible have to follow data protection laws, which state that data must be used accurately, fairly, used according to an individuals' rights, and kept safe and secure. These rights have been enhanced by the General Date Protection Regulation (GDPR) which was adopted in April 2016.
When will GDPR take force? The GDPR will force all organisations in Europe to comply with the rules two years after being adopted. It is in force from May 2018.
GDPR objectives The GDPR seeks to unify the rules within the EU to give citizens a simplified regulatory environment by having the same rules throughout the EU. People will have more information on how their data is processed, presented in a clear and understandable way. Citizens will also have the right to know as soon as possible if their data has been hacked or disclosed. It will also be easier for people to transfer their personal data between service providers such as social networks – thanks to the new right of "data portability". The reforms will boost legal certainty for businesses; with a single set of rules across the EU. Thanks to the one-stop-shop, companies will only have to deal with one single supervisory authority – rather than the present 28. With the new rules, non-EU companies will have to apply the same rules as EU companies, when offering their services to customers in the EU this creates a level playing field. The new rules are also future-proof: technologically neutral and fit for innovation and big data analytics.
Responsibilities The GDPR now incorporates a retention time for personal data, while contact information for the data protection officer has to be provided. Profiling is now contestable and citizens have the right to question decisions that affect them. The GDPR requires data protection to be designed into the development of business processes and to be taken seriously.
Breaches Under the GDPR, the data protection office will now be under obligation toreport to the Information Commissioners Office within 72 hours if there is a data security breach.
What data do organisations have? People have a right to know what data is held about them. They can do so by writing to the organisation and asking for a copy of the information held about them. Organisations are legally required to provide you a copy of the data they hold about you. This is called a subject access request. You can find a sample of this on the Information Commissioners’ website.
Making a complaint If a person believes their data has been misused in any way, then they should contact the specific organisation. Alternatively, they can seek advice from the Information Commissioner’s Office (ICO). Read More..
Contact Details:Reach us @ www.nathsolicitors.co.uk For any query you can call us on Tel: +44(0) 203 670 5540 Mob:+44 (0) 7545 813 894 E-mail: shubha@nathsolicitors.co.uk