GDPR
One Year On
By Robin Bingeman, Managing Director, Cryoserver
On May 25th 2018, the EU rolled out a new set of data privacy laws under the General Data Protection
Regulation - more commonly known by the acronym of GDPR. The aim of GDPR was to set a
standardised level of data protection for individuals across the EU. The negotiations for this new
legislation took more than four years, with regulations concerned with how businesses should handle,
store and protect consumer data.
Regardless of Brexit, the ICO (Information Commissioner’s Office) and UK Government have stated that
the UK will still have to comply with GDPR. In fact, any overseas businesses dealing with consumers and
other businesses in the EU27 must be GDPR compliant.
In the lead up to the GDPR deadline, the ICO called for GDPR compliance rather than enforcement, but
news headlines focused on the eye-watering fines - enough to scare any business into getting themselves
in line with the regulations.
For companies in breach or found to be non-compliant, there are two tiers of administrative discretionary
penalties that can be levied: