Skip to content

Thoughts, trends and insights


Are You Ready for GDPR and the Data Protection Bill?

Part 1 of 3

The EU’s General Data Protection Regulation (GDPR), which comes into force in May 2018, has serious consequences for every business – no matter the size. Any organisation that stores and handles personal data will have to adhere to the new regulations. As a consumer it is good news as it will empower people to take control of their data. For businesses, however, it is going to cause a headache. And there’s no denying it, it’s quite complicated.

Consent, accountability and data breaches are the key focus points of the new regulation, and every organisation needs to make sure that it complies with the legislation to avoid being penalised. The Information Commissioner’s Office (ICO) will have the power to impose fines much bigger than the £500,000 limit the Data Protection Act currently allows. Under the new GDPR law, the fines can amount to £17 million (€20) or 4% of turnover.

These figures are causing much consternation within businesses, and rightly so. However, it needs to be pointed out that this will only be applied in extreme cases where there has been a serious data breach or the organisation has completely failed to address data protection, as Information Commissioner, Elizabeth Denham, pointed out on her ICO blog:

“It’s scaremongering to suggest that we’ll be making early examples of organisations for minor infringements or that maximum fines will become the norm. Issuing fines has always been and will continue to be, a last resort. Last year (2016/2017) we concluded 17,300 cases. I can tell you that 16 of them resulted in fines for the organisations concerned. Don’t get me wrong, the UK fought for increased powers when the GDPR was being drawn up. Heavy fines for serious breaches reflect just how important personal data is in a 21st century world. But we intend to use those powers proportionately and judiciously.”

What is more worrying, however, is that, according to the latest Aldermore small and medium sized business owners (SMEs) Future Attitudes study, nearly half (46%) of all small and medium sized business owners have not heard of GDPR and less than one in ten (9%) SME owners in the UK fully understands what the forthcoming General Data Protection Regulation actually means for their business or have taken the appropriate steps to prepare themselves for it.

But What About General Data Protection Regulation and Brexit?

A great deal has changed since the Data Protection Act came into force in 1998. Digital technology and the storage and manipulation of data has increased tenfold, making existing data rules completely out of date. In order to comply with the impending European regulation, the new Data Protection Bill, which was announced in the Queen’s Speech in June, will replace the Data Protection Act, and incorporate the GDPR into national UK law.

Although the UK is on course to leave the EU, as an existing member state, the GDPR had to be written into the Bill and adhered to. Following Brexit, any organisation that wants to continue exchanging data with customers and contacts in the EU, which is most, will have to demonstrate compliance with GDPR.

Download and use our GDPR Compliance Checklist and Workbook to carry out a self assessment of the data that you hold to determine what you need to put into action in order to comply with the new GDPR requirement.

GDPR Compliance Checklist and Workbook

GDPR Compliance Checklist and Workbook

Our GDPR Compliance Checklist and Workbook provides a number of questions to help you determine how compliant you are with the forthcoming General Data Protection Regulation.

Related Articles

What is GDPR?

Part 2 of 3 The General Data Protection Regulation (GDPR) has been introduced by the EU in order to give consumers more control over their personal data. New consumer rights, new rights…

Business Process Automation CTA

Got a question?

Send us your questions and we will provide you with the information and resources that you need.

Ready to Talk?

You don’t learn everything in life by reading a manual, sometimes it helps to get in touch

Phone: +44 (0) 330 99 88 700

Want more information?

Fill in your details below and one of our account managers will contact you shortly.

    First Name

    Last Name

    Business Email


    Tell us your requirements