Recent survey suggests that many UK businesses do not see it as a priority to be compliant with the General Data Protection Regulation (GDPR). Marking the GDPR compliance deadline a year from now, the Information Commissioner’s Office (ICO) has warned businesses of the consequences of not preparing for the GDPR:
“If your organisation can’t demonstrate that good data protection is a cornerstone of your business policy and practices, you’re leaving your organisation open to enforcement action that can damage both public reputation and bank balance.”
The ICO also set out details of its enforcement plans in its Information Rights Strategic Plan 2017 – 2021:
‘Under the EU data protection reform package (GDPR) we will also see an increase in the scale and impact of the sanctions at our disposal. We are committed to using these increased powers in ways which target the most serious areas of non-compliance.’
Under the GDPR, the ICO will have powers to impose administrative fines of up to €20 million or 4% of annual global turnover – whichever is higher.
Complying with the GDPR
Implementing an effective compliance programme could require significant work, so organisations should not wait or take a reactive approach to their GDPR preparations. The prerequisites for implementing a GDPR compliance programme are knowledge and competence.
The certified GDPR Foundation and Practitioner training courses are designed to give attendees knowledge of the Regulation’s requirements, and a practical understanding of the methods and tools for implementing an effective compliance framework, including how to fulfil the role of data protection officer.
New GDPR training dates
When: June, July & August
Where: London, Birmingham, Cambridge & Edinburgh