ICO: 20 million reasons to get ready for EU data laws

ChristopherGraham ICOThe Information Commissioner Christopher Graham is warning firms to start preparing for the EU data protection reforms now, or risk the prospect of fines of up €20m (£15.5m), as he unveils a new 12-step guide to compliance.
Speaking at the ICO’s annual Data Protection Practitioners’ Conference, Graham is highlighting how maximum fines as high as €20m for breaches of the new data protection regulation mean organisations cannot afford to get data protection wrong.
The 12-step guide, being launched at the Manchester conference, will explain that many of the new laws’ concepts and principles are the same as those currently in UK law, but new elements and significant enhancements mean organisations will have to do some things differently.
According to Graham: “People have never been so aware of what their personal data is, and never cared so much about how it is used. The law is changing to reflect that.
“The EU data protection reforms promise to be the biggest shake up for consumers’ data protection rights for three decades. Organisations simply cannot afford to fall behind. We know data protection officers understand this, and we know they sometimes find their views ignored in the boardroom. The new law gives directors 20 million reasons to start listening.”
The EU’s General Data Protection Regulation is four years in the making. Agreement on the new rules was reached last December, and work is now ongoing around translation and legal accuracy.
Final political sign-off is expected in the summer, followed by a two year transition period before the regulation becomes law across the EU, including replacing the EU Directive on which the UK’s Data Protection Act 1998 is based on. It is due to come into force in the UK in 2018.

Print Friendly