skip to navigationskip to main content

Phone: 0141 248 7411 

Email:

Choosing a Service

Choosing an accountant that matches your needs

Sectors

Robb Ferguson provides specialist advice for...

icon-free-consultation

Free Initial Consultation

Understanding your accountancy requirements

Request a Callback

Lets talk at a more convenient time for you

Bye bye GDPR?

Expect change. The General Data Protection Regulation (GDPR) is getting a post-Brexit makeover as new data protection rules are planned.

The Data Protection and Digital Information Bill is set to amend existing legislation – such as UK GDPR. The government says this will reduce the burden on businesses, replacing a ‘one-size-fits-all’ approach with risk-based compliance. As well as updating and simplifying the data protection framework, the aim is to give the flexibility to drive greater innovation. Headline issues include:

  • replacement of the requirement to appoint a Data Protection Officer, with a new requirement to appoint a senior responsible individual. Organisations carrying out ‘low risk’ processing activities will not need to make this appointment 
  • new requirements on record keeping, with controllers or processors employing fewer than 250 people exempt from the duty to keep records unless carrying out high risk processing
  • changed procedures around data subject access requests, giving more grounds for a business to refuse or charge for these
  • data protection impact assessments to be replaced by an assessment of high risk processing.

A change to the regulatory body, the Information Commissioner’s Office, is planned, with its powers transferred to a new body, the Information Commission.

Whilst a broad outline of proposals is starting to emerge, at this stage, there are two things to bear in mind. The first is that details may yet change before the Bill becomes law. The second is the European dimension. UK businesses operating in both the EEA and the UK will need to make sure they are compliant in each. Further, the free flow of personal data from Europe is currently guaranteed by the EU’s ‘Adequacy’ decision, but the government acknowledges that ‘As the UK diverges from EU GDPR, the risk that the EU revokes its Adequacy decision increases.’ This is a point businesses engaging with the EU will want to keep under review.

Easing into new rules is always a concern and we are on hand to assist. Please don’t hesitate to get in touch.

Not everything is equal – true. But maybe being equal is simply not good enough?

Our Philosophy

We’re a dedicated team which strives to provide success to our clients in regards to all their accountancy needs.

Meet our team