Information Law and Data Protection
The need to protect and utilise data lawfully is crucial. In recent years, both the UK and the EU have introduced stringent regulation to control how businesses process valuable information and customer data.
Non-compliance can carry the threat of imprisonment and considerable fines, and all businesses are subject to the regulations. This includes foreign companies that hold information or data about customers from the UK or EU. Our practical down-to-earth advice and strategies will ensure that you are fully compliant with the law, and could include a full audit of your data storage and processing systems.
We can advise on:
- UK Data Protection Act and EU data protection law
- Confidentiality agreements
- Privacy policies and other data-related policies
- Data loss and security breaches
- Data protection audits
- E-privacy and new technology
- Global data transfers
- Reputation management
- Subject Access Requests
- Social media
Data Reform Bill
more data changes are on the way …
The Queen’s speech has confirmed that new data protection legislation is on the way. The Government announced that the purpose of the bill will be:
- creating a post-Brexit UK data protection framework that ‘reduces burdens on businesses, boosts the economy, helps scientists to innovate, and improves the lives of people in the UK’;
- ‘modernising’ the Information Commissioner’s Office (‘ICO’), making sure it has the capabilities and powers to take stronger action against organisations who breach data rules while requiring it to be more accountable to Parliament and the public;
- increase industry participation in ‘Smart Data Schemes’, which will give citizens and small businesses more control of their data;
- help those who need healthcare treatments, by helping improve appropriate access to data in health and social care contexts.
Analysis by the Department for Digital, Culture, Media and Sport claims the Government’s reforms will create over £1 billion in business savings over ten years by reducing burdens on businesses of all sizes.
The bill has not be published yet, but is likely to reflect the issues outlined in the Government’s consultation paper published last year, ‘Data: A New Direction’. If that is the case then the changes introduced by the bill are likely to be significant whilst preserving the overall structure of data protection regulation in the UK.
This is also likely to be the first substantial divergence between the UK data protection regime and the regime in the EU. It will be interesting to see how the Government strikes the balance between updating the law in the UK whilst keeping the two regimes closely aligned enough to avoid barriers to data transfers between the UK and EU.