{"id":13203,"date":"2017-07-05T19:42:16","date_gmt":"2017-07-05T19:42:16","guid":{"rendered":"https:\/\/digital-sentinel.com\/?p=13203"},"modified":"2017-10-01T10:32:47","modified_gmt":"2017-10-01T10:32:47","slug":"general-data-protection-regulation-gdpr-councils-seriously-unprepared-gdpr","status":"publish","type":"post","link":"https:\/\/digital-sentinel.com\/regulation\/gdpr\/general-data-protection-regulation-gdpr-councils-seriously-unprepared-gdpr\/","title":{"rendered":"General Data Protection Regulation (GDPR): Councils are ‘seriously unprepared’ for GDPR"},"content":{"rendered":"
The General Data Protection Regulation (GDPR) will give people more control over their personal information when it is passed into law in 2018, superseding the UK’s outdated Data Protection Act, which was drafted in the 1990s.<\/p>\n
The regulation requires no special legislation to come into force in the UK, making the two-year countdown a hard deadline for companies to get into shape for.<\/p>\n
GDPR changes the concept of personal data, expanding its definition to include people’s IP addresses and online identifiers, as well as forcing companies to gain people’s explicit consent to use their data.<\/p>\n
It aims to make it easier for citizens to find out what data companies hold on them, and giving them more details about how their data is handled and what it is used for.<\/p>\n
People will also have a right to port all their data from one company to another, and to know when their data has been hacked, as well as the right to be forgotten, which will require companies to delete people’s personal data when asked to.<\/p>\n
These new rules represent dramatic changes to the way businesses are required to handle data, and the consequences for failing to look after such information properly can be drastic.<\/p>\n
Any company that suffers a data breach will face a fine of up to \u20ac20 million or four per cent of their annual global turnover, compared to a maximum existing penalty of \u00a3500,000.<\/p>\n
Latest GDPR news<\/strong><\/p>\n 05\/07\/2017:<\/strong><\/p>\n The vast majority of councils in the UK have not yet allocated budget towards meeting the various requirements of the General Data Protection Regulation (GDPR).<\/p>\n With the regulations coming into force in May 2018, 82% have not earmarked money to deal with implementing the EU data protection rules, which come into force on 25 May 2018. The information came to light following a freedom of information (FoI) request by M-Files Corporation.<\/p>\n The company sent FoI requests to all 32 London boroughs and 44 other local authorities throughout the country, asking councils about their GDPR preparedness.<\/p>\n It found that 76% of London councils have not yet allocated budget towards making provisions to ensure compliance with GDPR, with the same figure for the rest of the country standing at 89% (averaging 82%). Additionally, 56% of the local authorities contacted have still not appointed a data protection officer, despite this being stipulated as a requirement by GDPR for public bodies.<\/p>\n Julian Cook, vice president of UK Business at M-Files, said that the finding point to a “serious lack of awareness” of the importance of GDPR and the challenges it will pose for local government.<\/p>\n “At this stage, we would have expected local authorities to be further along in their preparation efforts, but the data demonstrate that this is far from the case,” he said.\u00a0“Inadequate preparation for GDPR will have serious financial implications if these boroughs ultimately do not comply with the new rules.”<\/p>\n He added that local authorities face a constant struggle to manage a series of diverse responsibilities, often having to work with limited budget and resources.<\/p>\n “Effective data management is often one of the most labour-intensive of these challenges, with local authorities tasked with administering and protecting ever-increasing amounts of sensitive data, such as personally identifiable information (PII),” added Cook.<\/p>\n