Thank you for contacting us.
We will get back to you as soon as possible.

Contact us


You acknowledge that by submitting your details via this page, you consent to us processing your personal data in accordance with our privacy policy.

GDPR: the clock is ticking!

GDPR: the clock is ticking!

25th May is fast approaching and GDPR will then really be here!

Employers have been losing sleep over this new legislation but maybe they have been overreacting.  Yes, the law is changing but in an evolutionary rather than revolutionary way. The key principles of the current Data Protection Act 1998 will remain.  Employers will need to deal with data “lawfully, fairly and transparently”; they must not hold excessive data and should only use it for the intended purpose.  They also need to check accuracy and not hold the information for longer than needed.  As has always been the case, information must be kept safe and secure.

So what is actually new?  Well, it’s a case of altered emphasis more than brand new concepts. 

Employers must be ultra clear and specific about the data that they hold, for what purpose it is held and the lawful basis upon which they will deal with the information.  It is no longer sufficient to make generalised, all-inclusive statements about data processing.  And this applies to the obtaining of consent as well; general provisions in employment contracts providing blanket consent for all data processing will not work anymore.

Furthermore, employers will be more accountable under GDPR for their use of personal data; they must have thought through the grounds for lawful processing and have good “data governance” in place.  And they must be able to demonstrate GDPR compliance through full and detailed record keeping.  A significant new provision is that employers must self report breaches and even notify data subjects where there has been a GDPR breach in certain circumstances.

The other major change is around sanctions and this is what has been hitting the headlines.  Under the current regime, the big complaint has been that the ICO has lacked enforcement “teeth”.  Well, under GDPR the fines will be significantly higher; up to 4% of global turnover or £80m, whichever is higher.  Employers who have been blasé about data processing in the past will need to modify their behaviours.

For advice on Employment law issues, please contact Richard Gvero.

Please note the contents of this blog are given for information only and must not be relied upon. Legal advice should always be sought in relation to specific circumstances. 

Keep It In The Family (Friday 18 October 2019)
18 Oct 2019 - posted in Events

Are you thinking about updating your will or worried about inheritance tax?

Read more
Longmores celebrate their 200th anniversary
24 Jun 2019 - posted in News
Author: Charlotte Hastings

Longmores Solicitors are celebrating the firm’s 200th anniversary since their founding in 1819. Two hundred of the firm’s clients and professional colleagues joined Longmores...

Read more
Financing Your Lease Extension
20 Jun 2019 - posted in Blog
Author: Polja Atkins

Many tenants commence the process of lease extension, whether pursuant to the Leasehold Reform, Housing and Urban Development Act 1993 or by voluntary agreement with...

Read more