GDPR: time to take data protection seriously

The GDPR will come into effect on 25 May 2018. It is designed to harmonise data protection rules across Europe. It will have immediate, direct effect from the outset, with no need for member states to implement legislation and no transition period.

Technology has also advanced enormously since the EU Data Protection Directive was introduced in 1995, meaning it is now outdated.

‘Due to increased levels of cybercrime, hacks and data leaks, consumer trust is at an all-time low’, says Gregor Kleinknecht, partner at Hunters Solicitors. ‘New regulations are required to protect individuals and businesses. Additionally, data is not controlled by geographical borders; therefore an EU-wide regulation goes some way to providing protection and security for its “data subjects”.’

It is hard to estimate exactly how much the cost of compliance with the GDPR will be. ‘Some companies quote their cost as being as high as £5m’, says Kleinknecht, ‘but actual costs will depend on the nature of the organisation’s work, the state of their current data protection processes, the security systems employed and the administration costs.’

Read the full article in the IBA here.