A Dundee-based GDPR expert has told businesses to not delay on becoming compliant on new data-protection legislation, which came into force last week.
Ruth Weir, an associate solicitor at Blackadders, is one of four panellists taking part in the latest Courier Business Briefing on the topic of employment law next month.
She called on firms to take action to adhere to the new GDPR (General Data Protection Regulation) rules which govern how companies must protect EU citizens’ personal data or run the risk of being fined.
She said: “I presume all businesses have heard the dreaded four letters by now but perhaps people are at different stages of getting compliant.
“Although there was a two-year lead in, since the start of May, we saw a huge increase of inquiries about GDPR, with lots of people needing guidance.
“Firms have had to take stock of what data they hold and what they need to put in place to adhere to the new rules.”
GDPR gives customers new rights, including the ability to find out what data is being held on them and to delete that information unless a firm has a good reason to keep it.
Companies now have to get consumers’ consent to use personal information and meet higher standards for keeping data safe.
“There’s not a standard approach to how to handle the change, it’s been a case of what’s appropriate for your business and what you want to do with the data,” Ms Weir added.
Companies which breach the updated legislation risk fines of €20 million or 4% of global turnover, whichever is higher.
The Information Commissioner’s Office (ICO) is policing companies in the UK.
“The ICO has said they will be realistic and recognise constraints in that not every business is going to spend millions on doing data protection work,” Ms Weir said. “But that’s not a reason to have nothing in place, and if nothing has been done, companies should make it a top priority to get compliant quickly.
“If they can demonstrate they are on the road to being compliant, that’s something.
“If they’ve done nothing, there’s a real risk of receiving a fine, which are substantial under the new rules.”
The Business Briefing will be held at the DC Thomson building in Meadowside on the evening of June 14.
The event will also hear from Liz Jackson, the managing director of Fairways, Simon Allison, head of employment at Blackadders and Gerry Grant, chief ethical hacker at the Scottish Business Resilience Centre.