Procurement Praseeda Nair · 16 August 2017
Fear and confusion escalates from government silence on data protection bill
Small UK business owners won’t have missed talk of General Data Protection Regulation (GDPR), but deepening uncertainty remains over how they will meet the demands of a new data protection bill in the absence of substantial government guidance. On 8 August, the Department for Digital, Culture, Media & Sport (DDCMS) announced a new data protection bill to give consumers greater control of their online data. The bill, awaiting parliamentary scrutiny, puts the requirements of the EU’s GDPR into UK law and will be implemented on 25 May 2018. Although Matthew Hancock, minister of state for digital, claimed both businesses and consumers would be protected, the bill was announced alongside non-compliance fines of up to 17m, or four per cent of annual turnover. Ian Cass, chief executive of the Forum of Private Business (FPB), said Hancock’s comments gave small company owners no comfort whatsoever, due to uncertainty over obligations and fears of non-compliance.? While Cass agreed with the principles of GDPR, he said: No one in power has thought about the small and micro businesses that make up 98 per cent of the UK’s 5.2m businesses. Business Advice got in touch with Cass to find out how the lack of clarity has occurred and what the growing dangers are of a misinformed debate. The first suggestion is a the absence of practical small business guidance from the Department for Business, Energy and Industrial Strategy (BEIS). when you look for it, there is very little information out there. The obvious place for me to ask was BEIS saying there’s a huge piece of compliance coming in, do you have a simple guide that we can share with our members . BEIS was unable to share anything in the way of a tailored framework for small firms, stating guidance would be delivered at a later date. Nobody seems to be saying what it means in simplistic forms, Cass added. Another organisation, which asked for anonymity, told Business Advice it had received a draft guide to data sharing? circulated by BEIS, requesting feedback that would inform official guidance to be published once the new bill is introduced. our current understanding is that the Data Protection Act 1998 (DPA) is due to be replaced from May 2018 under GDPR.? while we do not expect that substantial change to the guide will be required, we are circulating this guide as a draft for comment. our intention is to finalise the guide on replacement of the DPA. Many business owners will be hoping to make the necessary preparations for the new data protection bill prior to its day of introduction.
ABOUT THE EXPERTPraseeda Nair
Praseeda Nair is an impassioned advocate for women in leadership, and likes to profile business owners, advisors and experts in the field of entrepreneurship and management.