New data protection legislation published to fundamentally alter UK GDPR

The UK government has published its response to the data protection consultation

Response to the UK GDPR consultation published

The government has published the draft legislation to amend the data protection regime in the UK. The Data Protection and Digital Information Bill (DPDIB), which was introduced to Parliament just before the summer recess and before the appointment of the new government in September, would modify the existing UK version of GDPR and create some significant areas of divergence from EU GDPR. Earlier this year, VinciWorks outlined the key changes that were expected to be made. The aim of the new UK data protection legislation is to ease GDPR requirements for companies and make them less burdensome.

What are the key changes the UK data protection bill seeks to introduce?

Among other things, the changes will:

  • amend the definition of personal data
  • use AI to process sensitive data and other information
  • add new legitimate interests
  • remove the requirement for cookie consent
  • amend accountability requirements
  • remove the need to appoint a data protection officer
  • charge fees to access your own data
  • remove record-keeping requirements
  • reform the Information Commissioner’s Office (ICO)
  • raise fines for PECR breaches

Even though the bill proposes widespread changes, it actually preserves the existing UK GDPR and the PECR, as it was drafted as an amending act rather than a completely new legislative instrument.

In addition, there is a chance that political factors could stymie the bill. If an election is called prior to the bill receiving royal assent, it won’t become law. The UK’s adequacy status with the EU remains a question, even though the government has expressed the opinion it is entirely possible to retain it.

New courses and resources coming soon

VinciWorks is closely following the legislation and will, in the coming weeks and months, be releasing new updated resources, guides and a completely revised UK GDPR course that will reflect the changes and keep you and your organisation aware of everything you need to know about the updated bill. 

Stay updated 

You can keep up with the latest via our blog and through the Regulatory Agenda that we publish, which documents new and important compliance regulations.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented, and Data Protection Impact Assessments (DPIAs) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of euros.
