IT & Internet, DAC Beachcroft updates

United Kingdom

Contributed by DAC Beachcroft
CCS guidance to suppliers on GDPR
  • United Kingdom
  • May 01 2018

The Crown Commercial Service (CCS) has issued a guide to CCS suppliers about the actions which they must take in light of the implementation of the General Data Protection Regulation (GDPR). Under the GDPR, data processors will face direct legal obligations and can be fined by the Information Commissioner's Office for non-compliance. In addition, data processors will face claims for compensation if they fail to comply with their obligations.

Compensation claims under GDPR – an overview of the brewing storm
  • United Kingdom
  • March 06 2018

The EU General Data Protection Regulation and the incoming Data Protection Bill (UK) will introduce a range of new liabilities into the data protection landscape. Data controllers have been warned of a corresponding increase in data protection claims under the new regulatory regime for some time. These warnings have largely focused on the level of fines and new data breach response requirements. However, the brewing perfect storm surrounding compensation claims should also be firmly on solicitors' radars.

Are your contracts GDPR compliant? PPN published in relation to new data protection legislation
  • United Kingdom
  • January 23 2018

The Crown Commercial Service has published a procurement policy note (PPN) in relation to the new data protection legislation that will be implemented shortly. The PPN highlights the fact that the EU General Data Protection Regulation now strikes a more even balance between data processors and data controllers and requires organisations to act immediately to ensure compliance. As the new legislation will apply to the wider public sector, other public bodies may wish to apply the principles of the PPN.

GDPR: what should businesses be doing to prepare for enhanced data protection regime?
  • United Kingdom
  • January 09 2018

The recently announced Data Protection Bill (which will replace the existing Data Protection Act) will transpose the EU General Data Protection Regulation (GDPR) into UK law and will be applicable despite Brexit. The new enhanced regime will affect all businesses that process data relating to an identified or identifiable natural person. Companies need to be actively preparing to ensure that they are GDPR compliant by identifying what steps are needed to comply with the regime.

Subject access requests under GDPR: much ado about nothing?
  • United Kingdom
  • December 19 2017

The extent to which the data subject access request (DSAR) regime will change under the EU General Data Protection Regulation and how this will affect employers is becoming clear. For example, the fee for responding to a DSAR will be abolished and the deadline for compliance will be reduced. While there will be some practical differences, an employer that has appropriate systems and procedures in place to deal with DSARs under the existing regime will not need to radically rethink its approach.

Current search