With the new G.D.P.R coming in to effect this year many people are still unsure about what it is and how it will effect their business. With just over 100 days until the rules came into force, a government study showed only 38 per cent of British firms were even aware of GDPR, let alone ready to comply.
However, Recruitment Solutions Wales ltd are not only aware but are going above and beyond to make sure they and their clients are ready for the new laws to come in to play. With extensive training and corporate information days all in the planning Recruitment Solutions Wales are making every effort to be at the forefront of preparation and knowledge.
SO, WHAT IS G.D.P.R???
THE (G.D.P.R) General Data Protection Regulation, comes into effect in May, is the biggest shakeup of personal data privacy rules since the birth of the internet. The EU’s General Data Protection Regulation (GDPR) is the result of four years of work by the EU. Its main purpose is to bring data protection legislation into line with new, previously unforeseen ways that data is now used.
It is aimed at everyone from multi billion-pound companies to locally run small businesses, everyone will need to comply.
The General Data Protection Regulation is a new legislation that is enforceable in all EU countries from May 25, 2018. The government confirms that the same rules will still apply after we have formally left the EU. Punishing fines for data misuse and breaches can reach £18million or 4 per cent of global annual turnover, whichever is higher.
The GDPR aims to make it simpler for people to control how companies use their personal details. Strict rules mean companies will not be allowed to collect and use personal information without the person’s consent. Data includes things such as a person’s name, email address and phone number, also internet browsing habits collected by website cookies.
Companies must keep a record of how and when an individual gave consent, and that individual may withdraw their consent whenever they want. With many companies’ current model for obtaining consent not meeting the new rules, they must bring it up to scratch or stop collecting data when the GDPR applies this May.
Companies must also report any data breaches – including cyber-attacks and accidental leaks – to authorities within 72 hours. Individuals can demand a copy of all data held about them, which must be supplied within 30 days.
Individuals also have the right to demand that their data is deleted if it’s no longer necessary to the purpose for which it was collected. This is known as the ‘right to be forgotten’. Under this rule, they can also demand that their data is erased if they’ve withdrawn their consent for their data to be collected, or object to the way it is being processed. However, this is just the tip of the iceberg with so many new rules and so much new information for companies to prosses it is no wonder some are struggling. That is why Recruitment Solutions Wales are making every effort to help their staff and clients train and comply to the new regulations.