GTA University Centre is helping businesses prepare for impending legislative changes that will affect the way personal data can be stored. The EU General Data Protection Regulation (EU GDPR) provides a single, harmonised data privacy law for the European Union. Its aim is to protect our personal right to determine whether, when, how and to whom our personal information is revealed and how it is used.
- What does this mean for Guernsey?
UK organisations have until 25 May 2018 to comply with the new law, or potentially face fines of up to 4% of annual turnover or €20 million. Guernsey will update its own law to reflect these new rules. ‘With the increasing risk of data breaches from cyber attacks, the EU GDPR aims to prevent the loss of personal data by improving data security for all individuals living in EU member states,’ said Kate Sole, programme manager at the GTA. The GTA University Centre is offering a training programme on implementing the EU GDPR and qualifying for the mandatory role of data protection officer under the EU GDPR. The course provides a comprehensive introduction to the requirements of the EU GDPR, and a practical guide to planning, implementing and maintaining an EU GDPR compliance programme. The next scheduled programme dates are in May and October.
- Do all organisations have to comply?
Emma Martins, head of the Channel Island Data Protection regulator, said:
‘The introduction of GDPR will transform the way businesses are able to handle personal data; we are on the verge of huge change in data regulation. ‘I cannot over emphasise the importance of being prepared for this legislation. I particularly want to stress this to the islands’ small to medium sized business communities who may not have access to the legal or compliance expertise and resources available to larger organisations. The new regulations are certainly going to up the game in terms of compliance obligations and there is much greater accountability for data controllers and processors. Wherever personal data is involved, whether that is staff, client or any other information relating to individuals, data protection compliance will have to be considered and built in at the beginning of the process and to a more significant and demonstrable degree.’
- What can we do to prepare?
Garry Fusellier, head of information assurance at the States of Guernsey, said:
‘In May 2018 the General Data Protection Regulations are introduced and anyone dealing with personal data will have to comply. This practitioner’s course will enable anyone to successfully prepare their business in time for its arrival.' ‘It is a well-presented course with first class delivery that will successfully prepare you for the introduction of the GDPR. I recommend any business that deals with personal data to attend.’
The course also supports professional development: delegates who pass the included exams are awarded the ISO 17024-accredited EU GDPR Foundation (EU GDPR F) and EU GDPR Practitioner (EU GDPR P) qualifications by IBITGQ. For more information, contact Kate Sole on [email protected] or telephone 01481 224570.To book onto our data protection courses please visit:
- Data Protection Seminar (you can choose between a session on 11 May 2017, or 4 October 2017)
- EU GDPR Foundation & Practitioner (you can attend a 5 day face-to-face course from 15 - 19 May 2017, or 9 - 13 October 2017)
- EU GDPR Foundation & Practitioner (this is a 5-day online-only course available on the following start dates: 15 May 2017; 4 September 2017; 8 January 2018)