Procurement · 25 January 2018

Government outlines final guidance ahead of new data protection laws

The data protection bill will give consumers greater control over personal data
With new data protection laws just four months away, the government has handed final guidelines to business owners yet to prepare for its requirements.

In April 2018, the data protection bill with bring the EU’s General Data Protection Regulation (GDPR) into UK statute books. Primarily, the bill will make it easier for consumers to withdraw consent for the use of their personal data.

The bill will arm the Information Commissioner’s Office (ICO) with greater powers to hold non-compliant organisations accountable. The highest fines for the most serious data breaches will reach 17m or four per cent of turnover.

Fewer than half of UK business owners are aware of new data protection laws, according to new government research, while a quarter of those who were aware had made changes to cyber security procedures by hiring new staff and updating anti-virus software.

Further to the government’s findings, research from Mailjet has found that startup businesses could be least GDPR-compliant.Only 29 per cent of startups surveyed actually encrypted collected data, while just a third had a data breach notification plan in place.

GDPR support for small firms
? ICO helpline
? Guide to the GDPR
? GDPR checklist
? 12 steps to prepare now

To support business owners yet to understand new requirements, the Department for Digital, Culture, Media and Sport (DCMS) has provided final guidance for firms.

Owners have been advised to document what data the business holds, review privacy notices and consider how it would delete personal data if asked. Hiring a dedicated data protection officer could also help guarantee full compliance.

Speaking from the World Economic Forum in Davos, secretary of state for digital, culture, media and sport, Matt Hancock, said: We are strengthening the UK’s data protection laws to make them fit for the digital age by giving people more control over their own data.

and as these figures show many organisations still need to act to make sure the personal data they hold is secure and they are prepared for our Data Protection Bill.

there is a wealth of free help and guidance available from the Information Commissioner’s Office and the National Cyber Security Centre, and I encourage all those affected to take it up.



Uber data leak could have earned 17.75m fine under GDPR

After the taxI app concealed a data breach affecting 57m of its users, legal experts suggested Uber would have faced the harshest penalties of incoming data protection rules.




Praseeda Nair is an impassioned advocate for women in leadership, and likes to profile business owners, advisors and experts in the field of entrepreneurship and management.

High Streets Initiative