The General Data Protection Regulation (GDPR) comes into force on 25th May 2018. It carries with it significant fines of up to £17 million, the imposition of which would have obvious and devastating implications for any business subject to any such sanction. Other, less discussed but no less serious, sanctions include the prohibition of processing data often critical to the running of the business.
Holborn Adams Solicitors can assist in ensuring that you and your business are ready to face this new regulatory regime
Information and Data management is a cornerstone of every successful modern business. Whether this includes client lists, stock inventories, internal communications or marketing data; managing and gathering data is critical to commercial success.
Successful information management is not without challenges. Properly controlling how such information is obtained, used and secured can often be complex, but failure to do so can land your organisation in serious legal trouble.
Holborn Adams Solicitors have dedicated Solicitors who specialise in information management and GDPR compliance
We at Holborn Adams have the expertise and experience to advise and assist on whether your data is being utilised efficiently and in compliance with the relevant UK and EU laws and regulations.
Consequences of mismanaging data
Mismanaged data will nearly always carry an economic cost to any business, acting as an economic break, slowing down efficiency and destroying profit margins. Worse mismanaged data gives rise to the risk of possible data breaches. This can lead to businesses suffering considerable damage from the economic, brand and regulatory consequences that would inevitably follow.
Data Breaches, Consumer Mistrust and Regulatory Penalties
Large data breaches are often headline grabbing news. The individuals affected by data breaches could face significant inconvenience, suffer identity fraud or face catastrophic reputational damage. Given these serious implications, even small breaches can have lasting and disruptive impact on the trust placed within a brand, often translating into lasting and significant economic loss for any such business unfortunate enough to suffer such a breach.
New powers granted to the Information Commissioner’s Office (ICO) under the GDPR now give them the power to carry out data audits, doorstep visits and request that documentation or other relevant information is handed over. Such investigations can be severely disruptive to the day to day running of any business not prepared for such eventualities.
In the event of regulatory action Holborn Adams are able to provide extensive advice on responding to ICO investigations and minimising the commercial and financial impact on your business. Holborn Adams will prepare detailed representations and advise how to respond to mitigate or even avoid the imposition of potentially large and catastrophic sanctions.
Demonstrating and Documents on the General Data Protection Regulation
If you are worried about the impact the GDPR is likely to have on your business, speak to Holborn Adams’ specialist data regulation solicitors today. Under GDPR businesses that process personal data will be expected to be able to both demonstrate and document compliance. This will include setting out what steps were taken to identify and mitigate potential risks to data security.
Holborn Adams can help advise on complying with obligations under the GDPR and assist in drafting the policies and procedures required to achieve (and document) effective compliance.
The main focus of the GDPR is on accountability and transparency; being able to demonstrate a thorough and consistent commitment to data protection from the outset will be a significant deciding factor in future assessments by the ICO over what sanctions, if any, are imposed.
The more you have done to prepare, including taking professional legal advice from Holborn Adams, the lower the level of sanction is likely to be in case of a breach
Holborn Adams can also help companies understand their rights and responsibilities as data controllers, processors and any Data Protection Officers that may be required or deemed necessary.
Data Breaches: Assisting in Assessing and Reporting Breaches
Under GDPR there is mandatory reporting of data breaches when there is a risk to the fundamental rights and freedoms of individuals. Such reports must be made without undue delay or in any event within 72 hours of discovery. It is imperative that we are contacted urgently so that we are able to provide independent and impartial advice within this very small window of time. Failure to report in a timely manner may well be used as evidence of non-compliance, the effect of which is likely to increase the size and scope of any sanction applied.
Holborn Adams retain specialist barristers at every level, including Queen’s Counsel (“QC”), who are available to provide expert advice and assistance from start to finish.
Our lawyers are available 24 hours a day / 7 days a week, to deploy nationwide to assist following a data breach.
Obligations and rights: Seeking specialist Advice
Under the GDPR individuals have much greater rights to control over their data. This includes rights to prevent companies processing their data further or even deleting it entirely. In some instances a business can argue that there are legitimate interests that override the objection of the individual. Holborn Adams are able to provide independent assessments over these internal decisions. Such external reviews can assist in demonstrating compliance in the event the matters is challenged and reviewed by the ICO.
Contact Holborn Adams for comprehensive advice on data protection today.