On 25 May 2018, a new set of data protection rules came into force, placing greater obligations on businesses that handle personal data.
‘What is GDPR?’ you may ask. Allow us to explain…
The General Data Protection Regulation (GDPR) was designed to “harmonise” data protection across the EU, and to give individuals more rights regarding their personal data.
This includes the right to:
- receive information about how businesses use their data
- withdraw or change the data businesses hold on them
- object to businesses processing their information.
It also introduced stricter rules for reporting data breaches and informing individuals who may be affected.
The GDPR applies to any organisation within the EU, or dealing with the personal data of EU citizens. Despite Britain’s exit from the EU, the same rules still apply to British organisations and citizens.
Businesses that are not compliant with the rules could face fines up to a maximum of €20 million or 4% of the company’s annual turnover.
However, penalties will be at the discretion of the Information Commissioner’s Office (ICO), which has emphasised that fines will only be issued as a last resort.
What impact has GDPR had over the last two years?
Two years after the implementation of GDPR, the UK and all EU states apart from Slovenia have adopted it into their national data protection laws.
As great as this may sound, unfortunately, the implementation has been inconsistent, causing fragmentation. This affects cross-border businesses, especially those developing new technology and cybersecurity.
This is down to member states being responsible for managing human, financial and technical resources of their national data protection authorities.
Although Iceland, the Netherlands, Finland, Ireland and Luxembourg have had a positive uptake and understanding of the legislation, many other countries are falling behind.
A report by the European Commission states “The situation is still uneven between member states and is not yet satisfactory overall.”
How are companies adapting?
Whilst large companies are adapting well to GDPR, small and medium-sized enterprises (SMEs) are finding it more challenging to understand and comply. The European Commission suggests more data protection authorities should be providing tools to help SMEs.
Despite there being problems with fragmentation and small businesses struggling, the Commission still considers GDPR to be a success.
Didier Reynders, European Commissioner for Justice said:
“The GDPR has successfully met its objectives and has become a reference point across the world for countries that want to grant to their citizens a high level of protection. We can do better though, as today’s report shows.
The Commission will monitor progress, in close cooperation with the European Data Protection Board and in its regular exchanges with member states, so that the GDPR can deliver its full potential.”
Visit the ICO website for more information.