ARTICLE
28 February 2018

General Data Protection Regulation

O
Ogier

Contributor

Ogier logo
Ogier provides legal advice on BVI, Cayman, Guernsey, Irish, Jersey and Luxembourg law. Our network of locations also includes Beijing, Hong Kong, London, Shanghai, Singapore and Tokyo. Legal services for the corporate and financial sectors form the core of our business, principally in the areas of banking and finance, corporate, investment funds, dispute resolution, private equity and private wealth. We also have strong practices in the areas of employee benefits and incentives, employment law, regulatory, restructuring and corporate recovery and property. Our corporate administration business, Ogier Global, works closely with Ogier's partner-led legal teams to incorporate and administer a wide variety of vehicles, offering clients integrated legal and corporate administration services. We have the knowledge and expertise to handle the most demanding and complex transactions and provide expert, efficient and cost effective services to all our clients.
Explore
As of 25 May 2018, the General Data Protection Regulation (GDPR) will reform data protection and privacy laws across Europe and beyond.
European Union Privacy
Photo of Sara Johns
Authors
To print this article, all you need is to be registered or login on Mondaq.com.

As of 25 May 2018, the General Data Protection Regulation (GDPR) will reform data protection and privacy laws across Europe and beyond.

The new rules:

  • Create new responsibilities for organisations that collect, use or store information about people.
  • Give people new rights about how their data is collected, used and stored – including the right to have data corrected or deleted.

Six things you need to know...

  • European regulators will have the power to serve fines of up to 4% of a business' annual worldwide turnover of the preceding financial year
  • Where individuals demand to know what information is held on them, the data controllers will have less time to respond, and will not be allowed to charge
  • Where data is lost or stolen, the breaches will have to be reported to the regulator within 72 hours of discovery
  • Rights under the GDPR apply to EU citizens, regardless of where the company processing their data is based
  • Individuals will have the "right to be forgotten" – so that, in some cases, they can demand that their data is deleted
  • Jersey will implement its own local legislation commensurate with the GDPR

Six things you need to do...

  • Review your records management systems and processes, both electronic and paper-based, to ensure they are consciously designed to support the efficient discovery of information
  • Identify the legal bases you rely on to process data. If you rely on the data subject's consent, consider whether it complies with the GDPR and what changes you may need to make
  • Test your organisation's ability to quickly isolate data relating to a specific individual in the necessary time period provided under the GDPR
  • Create procedures or review any existing procedures regarding responding to SARs and governing the refusal of requests
  • Identify a point of contact within the organisation that will deal with Subject Access Requests (SAR) and ensure that their contact details are easily available
  • Review and update your existing contracts and websites to make them GDPR compliant

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

We operate a free-to-view policy, asking only that you register in order to read all of our content. Please login or register to view the rest of this article.

Authors
Photo of Sara Johns
Sara Johns
Your Author LinkedIn Connections
ARTICLE
28 February 2018

General Data Protection Regulation

European Union Privacy

Contributor

Ogier logo
Ogier provides legal advice on BVI, Cayman, Guernsey, Irish, Jersey and Luxembourg law. Our network of locations also includes Beijing, Hong Kong, London, Shanghai, Singapore and Tokyo. Legal services for the corporate and financial sectors form the core of our business, principally in the areas of banking and finance, corporate, investment funds, dispute resolution, private equity and private wealth. We also have strong practices in the areas of employee benefits and incentives, employment law, regulatory, restructuring and corporate recovery and property. Our corporate administration business, Ogier Global, works closely with Ogier's partner-led legal teams to incorporate and administer a wide variety of vehicles, offering clients integrated legal and corporate administration services. We have the knowledge and expertise to handle the most demanding and complex transactions and provide expert, efficient and cost effective services to all our clients.
Explore
See More Popular Content From

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More