SECTOR FOCUS: LEGAL & FINANCE
THE LATEST NEWS FROM THE REGION’S LEADING SECTORS

Is your data protected?
Alexandra Leonidou (pictured), Senior Associate at Foot Anstey, explores the upcoming changes to data protection laws

Advances in technology, along with high-profile breaches, have meant that you would be hard pushed to find a business not thinking about data protection. However, with less than 18 months to go until the largest shake-up in European data protection regulation in 20 years, could businesses be doing more to get prepared?

The GDPR will introduce a number of new concepts and significantly raise the bar across the board, although barely any of the fundamental elements of today's laws have been scrapped. One of the most important changes for businesses to note is that the potential financial penalties have substantially increased – under the new laws fines could be up to the greater of €20m or four per cent of global annual turnover.

Furthermore, the GDPR takes a risk-based approach, which means that all businesses, no matter what size, will have to address their current levels of compliance. Certain businesses, such as those with a significant digital presence (retailers or online publishers, for example), those that handle sensitive information (such as clinical data) or those that undertake sensitive practices (for example, profiling or making automated decisions about individuals), will inevitably have an inherently higher risk profile. Even businesses that don't deal with consumer data as part of their core business will need to think about the GDPR in the context of their HR data.

The regulation will take effect on 25 May 2018, with Brexit making no difference to this timeframe (as confirmed recently by the ICO, the UK's data protection regulator), and businesses can and should be preparing now so that they are on the front foot.

The most important things to consider at the early stages of your GDPR preparations are:
• Accountability: Who are you going to put in charge of leading this area? Are they sufficiently knowledgeable? Are they sufficiently resourced? Are the right reporting lines in place?
• Awareness: Who needs to know about the GDPR? This isn't just something for IT or data officers. Boards should be aware of the risks, HR teams need to think about employee data, and getting GDPR compliance right will be critical for marketing and communications teams' activity.
• Audit: What data do you have and where is it stored? What are you doing with it? Do any third parties process the data? Conduct a data mapping exercise and review your notices and consents.
28 Chamber Profile March/April 2017