At this point, the General Data Protection Regulations coming into force in May of next year should be firmly on your radar. However, the difficulty facing many employers will be how to ensure that employees at all levels stick to the new regulations and not just the senior management team. This is especially vital given that the regulations require businesses to report data breaches within 72 hours. This means employees will need to know what constitutes a data breach under the new regulations and how to report this. The potential fallout that could follow non-compliance is also much greater than under the Data Protection Act; breaches of some of the provisions could lead to fines of up to €20 million or 4% of the global annual turnover.
Training and widespread policy distribution will be vital in ensuring that all employees are aware of their obligations under the new regulations. However, evidence suggests that a large number of businesses are planning on going a step further. The Veritas 2017 GDPR Report surveyed 900 businesses across the UK, France, Germany, Australia and Singapore to understand how prepared businesses are for the impending changes. This report found that, of the businesses surveyed:
- 47% will add mandatory GDPR policy adherence into employees’ contracts
- 34% plan to reward employees for complying with GDPR policies
- 41% plan to implement disciplinary procedures where GDPR policies are violated
- 25% would consider withholding benefits such as bonuses
Whatever method is chosen, it is clear is that employers are starting to think seriously about how they can ensure compliance business-wide. If you have any questions about the effects of GDPR on your organisation or think some training could help you to prepare, get in touch with your dedicated Employment Solicitor today.
We are running regular training sessions on GDPR, if you would like to find out more, click here!