GDPR ‘Not Just an IT Issue’ Warn Legal Experts
Tuesday, March 13th, 2018
on behalf of Gilson Gray
LEGAL experts are warning businesses not to fall into the trap of assuming strict new data protection rules are just a matter for IT departments.
The introduction of the General Data Protection Regulation (GDPR) in May, means that all organisations which hold personal data must ensure they comply with new rules or risk heavy fines.
Gilson Gray, one of Scotland’s leading law firms, is warning business owners not believe the common misconception that GDPR relates only to data held in electronic format.
Derek Hamill, Head of Corporate Law at Gilson Gray, said: “The perception is that it’s a computer problem but it’s about the person in front the screen.
“GDPR can impact upon the everyday worker’s life. If you use an address or contact detail without permission, you – or your employer – could be in breach of the regulations. Everyone needs to be conscious about this.
“It’s an evolution similar to the one we’ve seen with password protection. Previously, people were much more blasé about sharing passwords but now they’re very protective of it. It’s the same now with personal details.”
GDPR is designed to give consumers greater control over information held about them and affords them the power to know what data companies have, who has been passed it and for what purpose the information is used.
Breaches can lead to a maximum fine of €20million or four per cent of global turnover.
It is feared GDPR could also lead to huge number of individuals making claims for compensation for breach of privacy.
Derek feels the best way for businesses to ensure they don’t slip up, is to have a clear understanding of what the new rules mean.
Derek continued: “GDPR applies to all personal data, regardless of its form. It relates to every instance where personal data may be collected, processed or stored by a business.
“GDPR is like a car. You learn to drive and follow the rules but if you go too fast and crash, it’s your fault, not the car maker’s.
“The IT people can only help so much. They give you the brakes and the steering wheel, but you have to use them. It’s a cultural change from one behaviour, where we openly share details, to another where we’re much more cautious.”
To help businesses navigate the GDPR minefield, Gilson Gray has created an affordable online training programme.
The programme, developed with leading UK training specialists Apex Training, is the first course of its kind that is City & Guilds accredited.
Derek said: “It is also important that staff at businesses and organisations know their responsibilities.
“Our GDPR training package provides a tool to give employees knowledge and understanding to comply with the new legislation.
“As well as being uniquely City and Guilds accredited and highly cost-effective, the training has been developed to combine the required legal know-how via Gilson Gray with the expert training skills of Apex Training.”
The training course costs £179 +VAT per user. The hour-long course is undertaken at an individual’s desk which ends with an on-line exam, after which they get an e-mail confirming the exam results for audit trail purposes.
Gilson Gray has also created a Data Protection team, formed from its Corporate and Employment departments, to provide a strategic support and guidance service to businesses and organisations to navigate through the GDPR requirements.
It has also teamed up with GCI, the UK’s leading Managed Technology Service Provider, to run free half day seminars in Edinburgh on how to prepare for GDPR.
More details from www.gilsongray.co.uk.
Looking to speak to experts in Legal PR?
So how can we help?
If you have any comments or questions, please contact us.