EU Data Protection Regulation Update
Natalie Ruane provides an update on the planned EU Data Protection Regulation.
The Council of Ministers in the EU has agreed the proposals for the draft EU Data Protection Regulation. The Council's proposals include:
- Reducing fines for non-compliance from 5% of gross revenue to 2%
- Regulations to apply to any business (EU or non EU business) offering goods or services to individuals within the EU
- Consent must be unambiguous. Explicit consent only required for sensitive personal data.
- Further measures to help protect the data controller.
- Notifiications to made to Data Protection Officer within 72 hours as opposed to 24 hours of data breach
These changes are intended for late 2015 / 2016 and could be subject to revision. The new regulations are intended to update the current Data Protection directive. It is estimated that only half of the UK IT decision makers are aware of the new regulations.
About the author
Natalie is a Partner and leads the Employment Law & HR team and specialises in education.
Published: Thursday 6th August 2015
Categorised: Information Law