The General Data Protection Regulations (GDPR) came into force on 25 May 2018 and they place substantial obligations on any person or organisation managing or handling data.
Data is any information relating to an identifiable person who can be directly or indirectly identified. This definition provides for a wide range of personal identifiers that constitute personal data, including; name, identification number, location data or online identifier, reflecting changes in technology and the way organisations collect information about people.
GDPR refers to sensitive personal data as “special categories of personal data”. The special categories specifically include racial or ethnic origin, political opinions, religious beliefs, trade union activities, physical or mental health, sexual life, or details of criminal offences
GDPR sets out 7 core principles that must be complied with when holding, handling and processing data:
- Lawfulness, fairness and transparency
- Purpose limitation
- Data minimisation
- Storage limitation
- Integrity and confidentiality
In the event of a breach of GDPR, an organisation can face sanctions from the Information Commissioners Office including warnings, bans on data processing and fines – which could be up to 4% of annual turnover or £20million, whichever is greater.
As such it is vitally important for a business to properly understand its obligations under GDPR and when these can arise in the day to day running of their business. Once you understand your obligations it is essential to ensure your paperwork and processes are running smoothly to comply with GDPR including obtaining specific consent for processing data, data processing agreements, privacy notices, appointing Data Processing Officers, handling data breaches and data subject access requests.
Howells can help you manage the handling of personal data in your business by reviewing your processes, advising if data is breached and how to manage your employees who handle personal data.
Free employment law clinic for businesses
Every Monday we run an ‘online employment law clinic’ for small businesses in South Yorkshire. If you have a question regarding employment law within your business email [email protected] on a Monday between 9am – 4pm and one of our employment experts will respond to you on the same day.
The Employment for Businesses team
Our Employment team, is renowned for its no-nonsense, energetic and pragmatic approach. Its success isn’t just down to its extensive knowledge of the law, it’s also the way we pride ourselves on putting our client first, getting to know you and understanding what you want to achieve. To get the best results for you and achieve commercially sensible outcomes it is essential that we understand your business.
The team is highly regarded, with recommendations from many clients. The professional guide, Legal 500, also ranks Howells employment team highly in Sheffield and South Yorkshire;
Legal 500 2018
"The 'friendly and approachable' employment team at Howells is known primarily for its representation of employees in tribunal claims. Clare Fowler and Tom Bernard jointly head the team, which is supported by head of civil litigation Graham Hogarth. Fowler has particular experience delivering discrimination advice, while Bernard is recommended for his 'balanced advice, thorough and clear communication' in relation to claims. The team has recently handled disability discrimination claims, in addition to unfair dismissal claims under TUPE. The practice also has experience acting for SMEs, including advising one employer on a complex redundancy matter."