Figaro Digital Issue 28

orderForm.title

orderForm.productCode

orderForm.description

orderForm.quantity

orderForm.itemPrice

orderForm.price

orderForm.totalPrice

orderForm.deliveryDetails.name

orderForm.deliveryDetails.accountNumber

orderForm.deliveryDetails.phone

orderForm.deliveryDetails.poNumber

orderForm.deliveryDetails.email

orderForm.deliveryDetails.companyName

orderForm.deliveryDetails.billingAddress

orderForm.deliveryDetails.deliveryAddress

orderForm.deliveryDetails.deliveryDetailsDeliveryAddressSameAsBillingAddress

orderForm.deliveryDetails.address1

orderForm.deliveryDetails.address2

orderForm.deliveryDetails.city

orderForm.deliveryDetails.state

orderForm.deliveryDetails.postCode

orderForm.deliveryDetails.country

orderForm.deliveryDetails.additionalInformation

orderForm.noItems

FIGARODIGITAL.CO.UK

The new European Commission’s General Data Protection Regulation (GDPR), adopted in April 2016, is the European Commission’s attempt at strengthening and unifying data protection for individuals within the European Union (EU). It also addresses export of personal data outside the EU. When GDPR comes into full eff ect

on May 25, 2018 after a two-year transition period, it will replace the data protection directive from 1995. It will bring signifi cant change to how organisations manage and use EU personal data. Therefore, the GDPR requires organisations at this stage to carefully assess the potential impact of the Regulation on their data processing activities and to devise and execute eff ective implementation strategies for bringing their business processes, information governance and privacy infrastructures and IT systems into compliance with the new requirements. The GDRP will impact not only

organisations and how they do business, but also the way in which data protection authorities supervise and enforce data protection requirements, how governments mediate between data protection and the goals and opportunities of the new digital society, and how individuals will be able to protect and exercise their fundamental rights relating to privacy.

While GDPR is generally

considered to be a positive and necessary step in ensuring privacy in an increasingly digital world, the new rules have left many UK businesses baffl ed, overwhelmed and - with potentially massive fi nes for those who fail to comply – extremely worried. There are a lot of myths about GDPR, explains Bojana Bellamy, president of the Centre For Information Policy Leadership at legal services fi rm Hunton & Williams.

GDPR: The Biggest Law In

The World

New EU data protection laws are driving sea change globally, with the change most notable in companies that store, manage and use data. But what does it mean for you?

“For example, a lot of people now believe that GDPR means that consumers can demand that companies delete all of their personal data,” she says. “Everyone has the right to demand

to be taken off of marketing lists, unsubscribe, but that doesn’t mean you have a right to demand that companies delete data. If a company deletes information about someone then they’ll never know that they’ve requested to be taken off a list. It only means to suppress your name from marketing campaigns. A company has to keep your data. You mustn’t trust all of the myths.” So exactly what is changing? What

do you need to do? And, now that the UK is leaving the EU, does any of this even apply to UK-based companies now anyway?

Impact of the regulation for businesses

The importance and scale of GDPR can’t be underestimated. Stewart Room, global head of Cyber Security and Data Protection at PricewaterhouseCoopers, says it is the biggest and most important piece of legislation in the world. He says: “Think about the biggest

piece of law that you’re aware of. Let’s think about employment law. How many cases end up in employment tribunals? How many people exit work then start to raise employment complaints? Millions and millions of issues around law each year. Let’s think about health and safety. How many times do people sue because of injuries whether in the workplace or out on the street? Absolutely massive. “The biggest legal themes that you can think about are nowhere near as big as the GDPR. This law will regulate every single entity, from the biggest multinational player right down to your local window cleaner if they touch personal data. Between that, every

34 issue 28 summer 2016

Page 1 | Page 2 | Page 3 | Page 4 | Page 5 | Page 6 | Page 7 | Page 8 | Page 9 | Page 10 | Page 11 | Page 12 | Page 13 | Page 14 | Page 15 | Page 16 | Page 17 | Page 18 | Page 19 | Page 20 | Page 21 | Page 22 | Page 23 | Page 24 | Page 25 | Page 26 | Page 27 | Page 28 | Page 29 | Page 30 | Page 31 | Page 32 | Page 33 | Page 34 | Page 35 | Page 36 | Page 37 | Page 38 | Page 39 | Page 40 | Page 41 | Page 42 | Page 43 | Page 44 | Page 45 | Page 46 | Page 47 | Page 48 | Page 49 | Page 50 | Page 51 | Page 52 | Page 53 | Page 54 | Page 55 | Page 56 | Page 57 | Page 58 | Page 59 | Page 60 | Page 61 | Page 62 | Page 63 | Page 64 | Page 65 | Page 66 | Page 67 | Page 68