On 25 May 2018, the General Data Protection Regulation (GDPR) comes into effect.

As a result, all personal data will now be regulated under the stricter GDPR, meaning more stringent guidelines and procedures must be adopted. GDPR applies to all organisations that hold and process personal data. Failure to comply with GDPR can result in fines of up to €20 million or 4% of annual turnover for the most serious contraventions.

The Information Commissioner’s Office (ICO) stated that “GDPR is an evolution of the current Data Protection Act (1998)” and that the “new law gives people more control about how their data is used, shared and stored and requires organisations to be more accountable and transparent about how they use it”.

Going forward, organisations need to embrace a culture of transparency as to how they use personal data. Projects involving personal data should be automatically assessed and it is important that all staff is trained and knows how to deal with any issues that may arise.

To continue to assist you, we have a number of GDPR HR related guidance documents available to our members. These include:

  • Letter from Employer enclosing GDPR data policy to recruit
  • Letter from Employer enclosing GDPR data policy to employee
  • GDPR Privacy Notice (Recruit)
  • GDPR Privacy Notice (employee)

Please email louise.woods@rmif.co.uk to request any of the documents.

NFDA members must continue to take GDPR seriously and contact our dedicated GDPR helpline on 01788 538304 if they need any assistance.

Further guidance can also be found on the ICO’s website: https://ico.org.uk/