In May this year the current Data Protection Act will be replaced by the EU GDPR (General Data Protection Regulation. And even when we leave the EU the UK Government is committed to keeping our rules in step, so there is no getting away from it.
The GDPR is described by the ICO (Information Commissioner’s Office) as “an evolution not a revolution” but there are some important enhancements to the obligations on businesses and the rights of individuals.
In the new regulations, organisations must be fully accountable for protecting the privacy of individuals and able to evidence how they fulfil this obligation. New rights being given to individuals include withdrawing consent and having all personal data held erased (except where there is a legal requirement, for example for tax records).
RHL already takes great care when handling personal data but we are taking the introduction of GDPR as an opportunity to upgrade systems and processes and do some general housekeeping on the data our clients, candidates and employees entrust to us.
It’s easy to think that GDPR is primarily about electronic data, and it’s true that lapses in security in IT can result in risks to higher volumes of people, but we are making sure that everything we do applies equally to paper and offline transactions.
Another of the key tenants of GDPR is transparency and we will be publishing regular updates on our website. In the meantime, if you have any questions, please feel free to contact us using the details below.