GDPR is an opportunity to better understand the value of data, says Ward Hadaway
13th April 2018
Data is without doubt the currency that now underpins the digital economy and GDPR recognises today's data-driven world and advances in technology over the last 20 years, says Ward Hadaway.
For businesses already familiar with the current data protection regime (Data Protection Act 1998), GDPR represents an evolution rather than a revolution in approach. The changes will likely mean that all businesses will need to assess what personal data they collect, why they collect it, what they do with it and how they dispose of it.
Paul Johnson, Corporate Partner at Ward Hadaway’s Manchester office, said: “As fast-growing businesses across Greater Manchester look to grow revenue by reaching out to new customers, GDPR compliance becomes ever more important, not just to avoid fines, but to ensure that vital customer information is secure and protected.”
Gareth Yates, Commercial Partner at Ward Hadaway, added: “Whilst GDPR is a European law, businesses should not consider they can ignore it given the possibility of Brexit. Theresa May stated clearly at the beginning of March 2018 that data protection was one of the five key foundations that would underpin the future relationship between the UK and the EU.
“Businesses should therefore regard any investment into moving towards GDPR compliance as a long-term investment, as any future data protection laws in the UK are unlikely to differ greatly from GDPR.
He added that data protection is increasing in importance for individuals.
“Consequently, businesses at all stages of the supply chain need to consider how GDPR may affect their internal data (e.g. employee records) and external data (e.g. their own or third parties’ customer data).
“The sanctions for failing to comply with GDPR consist not only of the headline grabbing fines, but are also likely to include negative publicity and the costs of dealing with non-compliance (e.g. compensation to affected individuals) – factors which will probably have more business impact than the fines themselves.”
So why is GDPR being introduced?
Mr Yates said: “Put simply, there is more data around now than ever before and without access to that data businesses cannot function. If you consider that the impact to your business of not being able to access any of your employees’ or customers’ personal data would have a significant, detrimental impact to your day-to-day trading then you should take GDPR very seriously and ensure your business has implemented appropriate measures to protect your position.
“GDPR balances businesses’ needs to use personal data with the rights of the individuals whose data is being collected. Thankfully, the provisions within GDPR are founded on six common sense principles – which even if GDPR was not coming into force, most business would regard as prudent measures anyway.”
The Information Commissioner’s Office has put together some extremely useful guidance on GDPR and this is freely available through its website – www.ico.org.uk
The Manchester Fastest 50 2018 takes place at the Museum of Science and Industry on Friday, May 18th, where awards will be handed out to the fastest-growing small, medium-sized and large businesses for companies with annual turnover of between £1m and £7.5m, between £7.5m and £15m and over £15m respectively.