New European data protection regulations herald major changes from 2018

January 6, 2016

Businesses both within, and transacting with, the EU need to plan to manage the significant impact and major penalty regime of the new regulations.

The Data Protection Directive of 1995 provided only for a basic level of security measures relating to data protection on which EU member states could improve, if they so wished, which resulted in differing approaches and regimes within the member states.  The new regulations, drafted in January 2016 (see article here), are designed to provide a more uniform approach.

What are the main changes?

Impact on international data transfers

The position on international data transfers has not materially changed although the EU Commission, in assessing whether countries outside the EU have adequate legal protections for EU citizens’ data, will specifically have to take account of national security laws and the availability of effective redress for individuals.  This is the result of the Schrems Decision where the Court of Justice in the European Community (CJEU) ruled that the Safe Harbor agreements in the US no longer provided adequate protection for EU citizens for data transferred to and processed in the USA (see articles here and here).

Impact on your business

The Regulations are likely to take effect from early to mid-2018, so businesses should assess now how they need to change their policies, systems and processes to make them compliant.

Amongst other services, we can assist with:

Further information

Should you require assistance in assessing how to revise your Data Protection policies to align with the new rules, please contact a member of the Abbiss Cadres team on +44 (0) 203 051 5711 or send an email.

Disclaimer

Content is for general information purposes only. The information provided is not intended to be comprehensive and it does not constitute or contain legal or other advice. If you require assistance in relation to any issue please seek specific advice relevant to your particular circumstances. In particular, no responsibility shall be accepted by the authors or by Abbiss Cadres LLP for any losses occasioned by reliance on any content appearing on or accessible from this article. For further legal information click here.

Circular 230 disclosure

To ensure compliance with requirements imposed by the IRS and other taxing authorities, we inform you that any tax advice contained in this article (including any attachments) is not intended or written to be used, and cannot be used, for the purpose of (i) avoiding penalties that may be imposed on any taxpayer or (ii) promoting, marketing or recommending to another party any transaction or matter addressed herein.

Category:

CELIA Alliance
CELIA Alliance members are identified here. Members of the CELIA Alliance are each independent law firms and do not practice law jointly with any other member of the CELIA Alliance. “CELIA Alliance” and “CELIA” are not trading names. For more information about the CELIA Alliance click here.

Disclaimer
Content is for general information purposes only. The information provided is not intended to be comprehensive and it does not constitute or contain legal or other advice. If you require assistance in relation to any issue please seek specific advice relevant to your particular circumstances. In particular, no responsibility shall be accepted by the authors or by Abbiss Cadres LLP for any losses occasioned by reliance on any content appearing on or accessible from this newsletter. For further legal information click here.

Copying
If you would like to copy or otherwise reproduce this article then you may do so provided that: (1) any such copy or reproduction is for your own personal use or if it is made available to any third party it is done so on a free of charge basis; and (2) the article is reproduced in full together with the contact details, disclaimer and any logos as they appear on each article.

Leave a Reply

Your email address will not be published. Required fields are marked *