The Data Protection Bill 2018: What It Could Mean for Your Business

Posted on

The Data Protection Bill 2018: What It Could Mean for Your Business

The advent of a new data protection law may not, at first glance, feel like an interesting or especially urgent topic. Despite the apparent lack of glamour, there is plenty for businesses to digest, as Ian Anderson discusses here.

The Data Protection Bill is the Government’s way of ‘updating Data Protection laws for the digital age.’ Coming into force in 2018, it will replace the existing Data Protection Act as well as apply new EU regulations relating to data handling.

What should businesses be aware of?

The Information Commissioner’s Office (ICO) is already a powerful regulatory body, but the new legislation will widen the scope of its powers.

ICO investigators will be able to enter a company’s premises, reviewing their data processing practices. They will also be able to examine documents and equipment. In the event of non-compliance, the ICO will be able to issue an enforcement notice.

The Bill also places new criminal offences on the statute book. This includes giving the ICO the ability to bring criminal proceedings where a data controller/processor alters their records after a subject access request has been made, with a view to preventing disclosure.

The ICO will be able to impose increased administrative fines on data controllers and processors- the most serious data breaches will attract penalties of up to £17m or 4% of the company’s global turnover (referred to as ‘Civil Monetary Penalties.’) These penalties are significantly heavier than at present (£500,000)

Why do I need to know about this now?

The Bill has yet to become law but businesses should familiarise themselves with its provisions now, so as not to get caught out when it comes into force next year. It might be prudent to run an audit or ‘health check’ against your data processing policies to ensure they are compliant well in advance.

It’s also worth bearing in mind that as the Information Commissioner’s Office points out, awareness of a company’s data breaches can affect public perception and damage the status of its brand.

If you have any queries relating to the content of this article, or require advice, please don't hesitate to contact Ian on 0113 284 5062  or via ian.anderson@isonharrison.co.uk.

« Go backContact us »