The Data Protection Bill

The UK’s third generation of data protection law has entered Parliament.

The Data Protection Bill was published on 14 September 2017 and aims to modernise data protection laws to ensure they are effective in the years to come. 

The Information Commissioner’s (ICO) website has been updated to include new section about the Data Protection Bill.

This explains the relationship between the Bill and the GDPR, detailing the additional areas the proposed new legislation covers. It also includes links to the ICO’s GDPR and Law Enforcement pages and to a Data Protection Bill fact sheet.

Notification under the Data Protection law

When the General Data Protection Regulations (GDPR) come into effect next year there will no longer be a requirement to notify the Information Commissioner’s Office (ICO) as there is now.

There is a provision in the Digital Economy Act which means it will remain a legal requirement for data controllers to pay the ICO a data protection fee. These fees will be used to fund the ICO’s data protection work. As now, any money the ICO receives in fines will be passed directly back to the Government.

The new system will aim to make sure the fees are fair and reflect the relative risk of the organisation’s processing of personal data. The size of the data protection fee will still be based on the organisation’s size and turnover and will also take into account the amount of personal data it is processing. The final fees will be approved by Parliament before being put into place.

Crimson Crab talking about GDPR on 93.7 Express FM

The rules are changing on data protection, if you want to find out more, Rob from Crimson Crab will be talking to Miles Hensen on 93.7 Express FM’s Business Programme at 7pm on Thursday 29th June 2017.

wp-1474501850447.jpeg

Many thanks to Reputation Advocate Lorna Jackson of Advance & Get Noticed for arranging this.

I have to retain accounts for HMRC purposes, especially income tax, for any business / sole trader that has ceased trading within previous years, would they have to comply with data protection in either current or future forms?

It is important to remember that we are only talking about third party personal data under the data protection rules.

If you are holding this as part of your responsibilities then you will need to comply with the Data Protection Act until May 2018 and the GDPR thereafter.

You need to think carefully about the storage and disposal of personal data. 

How can Crimson Crab help…

If I cease trading before the new data protection laws come into play, do I have to comply, or does it only apply to active businesses / sole traders?

The General Data Protection Regulations (GDPR) came into force in May 2016.

There is a two year lead in period to enable businesses to become familiar with the new regime and so the critical date is:

25th May 2018

The law applies to anyone who processes personal data (which includes storage and disposal) in whatever capacity.

How can Crimson Crab help…

June F2 Business Huddle

F2 Business Huddle with Cairn

Networking with a purpose

Friday 9th June 2017 

Midday until 2pm

Denvilles House
33 Emsworth Road
Havant
Hampshire, PO9 2SN

Reputation Matters

Reputation Advocate, Graham Martin from Red Pixel Creative will provide an overview of key elements that are used in graphic design and how they help to bring a successful design together.

If you miss this one the Next F2 Business Huddle is on 14th July 2017.

£14 on the door includes a light lunch and free parking. (Reputation Advocates – £10.)

Read more and book your place..

What do I need in my business letterheads?

From a compliance perspective your clients are entitled to know the details of the legal entity that they are dealing with, especially if a business or trading name is being used. If the legal trading entity is a registered body there are some very specific disclosure requirements.

The information must appear in business letters and electronic equivalents including emails. To give you peace of mind we can check out your letterheads for compliance read more…

Can I do anything now to get ready for the changes in data protection laws?

Yes, it’s really important to get your house in order, ready for the new legislation.

You will need to get to grips with the new rights of individuals, handling subject access requests, consent, data breaches, and maybe even designating a data protection officer.

There is a responsibility to demonstrate compliance and so documenting what personal data you hold, where it came from and who you share it with is an absolute must.

The important thing is to make sure that someone in your organisation takes proper responsibility for data protection compliance in good time and has the knowledge, support and authority to do so effectively.

How can Crimson Crab help? Read more…