The Leading News & Information Service For The Facilities, Workplace & Built Environment Community

Prepare or Beware as Data Protection Laws Change

11 August 2017 | Updated 01 January 1970

With the countdown to the new European General Data Protection Regulation (GDPR) and their enshrinement in UK law (via the proposed Data Protection Bill)  well underway, audit, tax and consulting firm RSM is urging FM, construction and other service companies companies to complete their preparation to avoid the risks arising from non-compliance.

The regulations, which come into force on 25 May 2018, will transform how contractors store and manage personal data.  Failure to comply with the new rules could see them face significant penalties of up to four per cent of annual global turnover.

The new legal framework is the biggest change to data privacy legislation in over two decades and aims to protect EU citizen’s personal data, regardless of borders or where the data is processed.

An important factor is to ensure a company’s data processes protect the rights of individuals. Therefore, an organised data protection programme will need to be established, with all data activities accurately recorded. This obligation extends to any third-party contractors or partners working with a business and will present companies with much greater legal liability in the event of error.

A specific sector issue brings additional complications surrounding Joint Ventures, raising uncertainty around who is responsible for managing and protecting stored and shared consumer data. Sufficient GDPR protocols such as clear data sharing agreements must therefore be established by cooperative business entities in advance of undertaking projects.

Steve Snaith, technology risk assurance (TRA) partner at RSM, said: "In a growing digital economy, where data can be collected and stored within seconds, there is more risk of cyber security breaches. Therefore it’s increasingly important to make sure clear processes and safeguards are put in place to protect both clients and suppliers.

"Although GDPR is a welcome attempt to curb growing fears around how companies use and manage personal information, the new framework will drastically affect the future of stored personal data and increase company accountability. Service businesses, which are vast employers, must make sure they are ready for what lies ahead and not get caught out, as the financial and reputational risk could be significant.’

Picture: On Aug 7, the government committed to updating and strengthening data protection laws through a new Data Protection Bill which will see UK law fall in with the European General Data Protection Regulation

Article written by Cathryn Ellis | Published 11 August 2017


Related Articles

GDPR - A Little Help From Your Friends

ThisWeekinFM is reminding readers GDPR is for life and not just May 25...but we also have a cunning plan to help keep you and your organisation compliant.  Whilst...

 Read Full Article
Callow Youth Blamed for Security Breaches

Younger employees have been identified as the main culprits for security breaches in the workplace in a study by Centrify of UK senior decision makers and...

 Read Full Article
Is BYOD Creating A GDPR Risk For Your Business?

Does your Bring Your Own Device (BYOD) stance have the potential to create risks relating to data protection or breaches, as a result of staff using a single smartphone...

 Read Full Article
Two Million Fleet Drivers To Revalidate Driving Licence Data Consent

There are over two million drivers who will have to revalidate their driving licence data consent, writes Malcolm Maycock, Chair of the ADLV. Whilst this is a mammoth...

 Read Full Article
Raising The Bar – Consent Under The GDPR

Straight from the horse's mouth, Steve Wood, Deputy Information Commissioner, writes for ThisWeekinFM on the topic of 'consent', how to get it and what to do...

 Read Full Article
Denial Of Service Costs Escalate

A DNS Threat Report has revealed the cost per attack has increased by 57% to $715,000 for organisations globally. EfficientIP, a specialist in DNS security to ensure...

 Read Full Article
Are You Ready For Business Change?

Andrew Carwardine offers 7 Steps to Change & Put Process Back On The Agenda. Thanks to GDPR, processes are back on the agenda but why the wait? Shouldn't we...

 Read Full Article
GDPR - No Confidence In Compliance. Mobile Workers Are Biggest Hazard

Most companies are not confident of being fully compliant ahead of the GDPR deadline with the biggest fear being the loss of data on laptops and other mobile...

 Read Full Article
Gangsters' Paradise Leads To Jail Terms For Business Phishing Scam

Gangsters who altered business emails to rip-off more than £1 million have gone to jail. Two members of the Nigerian organised crime group who committed the fraud...

 Read Full Article
Crown Prosecutions Service Prosecuted - And Other GDPR-type Convictions

You could hardly make it up but the Crown Prosecutions Service has been fined after losing victim interview videos - PLUS a variety of convictions including a...

 Read Full Article