On Tuesday 14th November 2017, The KM Recruitment team attended a seminar hosted by the Recruitment & Employment Confederation (REC) to learn more about the upcoming EU GDPR legislations which come into full effect on 28th May 2018.
The EU GDPR introduces new data protection obligations for businesses and new rights for individuals relating to how their data is being processed by businesses. The new legislation will work alongside and enhance the current Data Protection Act (DPA) already in place.
We found the whole seminar to be very useful and will be working hard as a team to continue to be compliant with Data Protection Laws.
The Key points for GDPR include:
New Rights introduced for Individuals
- The right to be informed of a data breach.
- The right to access information held about that individual.
- The right to rectify any errors in data.
- The right to be forgotten.
- The right to halt processing of their data.
- The right to data portability / transfer data to another business.
- The right to not be subject to automated decision making and profiling.
For more information on Rights for Individuals, please visit the ICO on: https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/individuals-rights/
Obligations introduced for Businesses
- Obligation to nominate or recruit an appropriate and dedicated Data Protection Officer.
- Obligation of Accountability
- Obligation of “Privacy by Design and By Default”
- Obligation to conduct Risk Assessments for Data Protection.
- Obligation of transparency.
- Obligation of keeping accurate records.
- Obligation to inform.
- Obligation to comply with Subject Access Requests (SARs)
For more information on the Obligations for Businesses, please visit the ICO on: https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/accountability-and-governance/
We will release further blog posts with more information as it becomes available.