GDPR. Am I bothered?

Published 18th May 2017 in Blogs

Most of us by now will have heard of the General Data Protection Regulation (GDPR), and most of us will already be preparing for when it comes into force in May 2018. It is widely regarded as being one of the most significant regulations to come out of Brussels for years and it will affect all of us –   as individuals, as digital vendors and as digital leaders.

The regulation is designed to harmonise data protection law across Europe, and make the law more relevant to our digital age. It will apply to any organisation which is doing business within, or with, Europe. Compliance with the new law will be critical, given that the penalties for breaching the regulation will be substantially higher than now.

Brexit doesn’t give us a “get out of jail free” card.  Our government has already been very clear that it wants the UK to be “the safest place in the world to go online”. Not only will GDPR come into force next year, once we have exited the EU we will need to at least mirror the GDPR. In a recent review of the UK’s Cyber Security Strategy, which looked at how good cyber security practice could be incentivised, Matt Hancock concluded that no further cyber security regulation was necessary, given GDPR.

Am I bothered? Yes, I am. I cannot over-state the importance of being on the front foot for GDPR. If you haven’t already started preparing, start now. Make this a matter of priority, and make this a matter for your Board.

This isn’t a case of “each company for itself”. GDPR compliance will be fundamental to the health of the UK’s digital economy, now, and in the future. It would be irresponsible and very risky to ignore it and hope that it goes away, because it won’t.

The Information Commissioner’s Office is now posting guidance on how organisations should prepare, and I’m also delighted to introduce a very helpful whitepaper from Mark Bailey, a highly experienced technology lawyer, and Partner at Charles Russel Speechlys. The paper takes a very practical approach to ensuring GDPR compliance when buying cloud services, showing what to look for, highlighting the legal pitfalls if personal data is taken off-shore, and how the legal pitfalls can be avoided.

I hope you find it as helpful as I did!

Our expert author

Simon Hansford

Related features

Press Releases

UKCloud Health announces partnership with Shaping Cloud to accelerate digital transformation across healthcare

UKCloud Health launches ‘Transformation Accelerator’ in partnership with Shaping Cloud, using multi-cloud and trusted expertise to reduce cost...
Press Releases

UKCloud Health selected by NHS Shared Business Services to provide multi-cloud services on its new cloud solutions framework

Press Release – UKCloud Health selected by NHS Shared Business Services to provide multi-cloud services on its new cloud solutions...
Press Releases

UKCloud wins approval to provide multi-cloud solutions via Scottish Government’s Cloud Services Framework

London – 6 August 2019 – UKCloud, the multi-cloud experts dedicated to making transformation happen across UK public sector, has today...

Five reasons why we love Scotland’s vision of a digital future

The announcement of the new Cloud Services Framework from the Scottish Government brings renewed focus to their Digital Strategy. A strategy which...