In December 2015, the three institutions of the European Union agreed the terms of proposed new data protection reforms - a new ‘General Data Protection Regulation’ to help pave the way for a single European Digital Market.
Whilst the underlying principles of the current EU data protection regime are retained, clarified and expanded, the reforms also introduce new and complex concepts in relation to the processing of personal data, and significantly increase the penalties for non-compliance.
Inevitably changes to data handling processes and customer documentation will be needed to comply with the new standards, and businesses will have an express obligation to document and demonstrate compliance and its response to any personal data security breach.
The proposal is expected to be adopted in the first half of 2016 to come into effect two years from that date.
Forward planning the transition to the new regime and re-assessing its risk profile, is of key importance to businesses seeking to maintain customer confidence and avoid the massively increased financial penalties proposed.
Our team advise on all aspects of compliance with data privacy law from our offices in the UK and Ireland, Germany and Belgium.
To read about the key changes this updated regulation will bring and for some practical tips to help you and your business prepare, please download our brochure General Data Protection Regulation: The key changes at a glance »