It has now been over five years since the GDPR (General Data Protection Regulation) came into force – and with it a major shift in what was expected of organisations when it comes to data protection compliance.
Although the GDPR was originally a European regulation, the standards and principles it set out have been transposed into UK law through the Data Protection Act 2018, which introduced a new UK GDPR.
Since then in the intervening period, employers have navigated the COVID pandemic and massive changes to the way we work with the increase in hybrid working, which has inevitably led to changes in the way they hold and utilise data. From our experience advising clients on their data protection compliance obligations over these last five years, here are our top tips when it comes to managing data protection issues in the workplace:
We often say that compliance is a journey, not a destination. It requires an ongoing commitment and if the team at Burness Paull can help you along the way please do not hesitate to get in touch. In particular, now might be a good time to consider carrying out an organisation-wide privacy audit / compliance “health check” through our newly established Data Protection Consultancy practice. If that sounds of interest, you can contact us here to arrange a time to discuss further.
For further information on how we can assist with any subject access request queries, please see here.
Written by
Related News, Insights & Events
Cyber attacks and the threat of insolvency
M&S cyber attack shows how breaches can cripple firms, risking insolvency, reputations and huge financial loss.
M&S ransomware attack – what can housebuilders learn?
While retailers appear to be flavour of the month for attackers at the moment, the housebuilding sector is not immune to this risk.
Cyber security breaches survey 2025 - the key takeaways for charities
The blog offers a summary and analysis of the Cyber Security Breaches Survey 2025, with a focus on the UK charity sector.
