Don’t risk €20m GDPR fine
There’s more to GDPR than opting in or out of emails you receive, writes CASSL chair William Hughes.
You can’t seem to escape data scandals these days, the most notorious being the Facebook-Cambridge Analytica fiasco, which culminated in Mark Zuckerberg’s questioning by US Senators. Such scandals have brought to light the growing fascination with personal data.
The General Data Protection Regulation (GDPR) is effective from 25 May, but what is GDPR and how will it affect us?
What is GDPR?
- GDPR is legislation replacing the Data Protection Act (1998)
- The replacement looks to maintain the privacy and rights of individuals
The impact on us
You will no doubt notice emails from businesses cropping up in your inbox asking for consent to retain your email address or other personal data. GDPR will look to reinforce the DPA opt-in scheme for personal data and may result in a number of processing conditions that will affect companies as applicable. For example, businesses that use their customers’ personal data to target advertising may face changes resulting in an overhaul of the way products are marketed.
Ultimately, GDPR will look to provide additional rights to the individual, and businesses will have to become more transparent about their use of individuals’ personal data. Did you know that, due to the pressure for transparency, Instagram’s users are now required to disclose when posts are sponsored, and that policies on the rights to tag users are being redefined?
What can we do?
As accountants we should understand GDPR and ensure our business and clients are compliant, especially as fines are rising to a maximum of 4% of annual turnover or €20m (£17.6m), whichever is the higher.
It’s important to remember that GDPR will not only affect businesses but also us as individuals. It’s likely your employer will provide support and training.
William Hughes is Chair of CASSL, the Chartered Accountancy Students Society London