The Information Commissioner’s Office (ICO) has expanded their General Data Protection regulation (GDPR) guidance page on personal data breaches which includes useful checklists on preparing and responding to a personal data breach.
Three new pages have also been added to the lawful basis section of ICO’s guidance. You must have a valid lawful basis in order to process personal data and there are six available:
• Contract • Legal obligation • Vital interests
• Legitimate interests • Special category data • Criminal offence data
The ICO has added three new pages in the lawful basis section, covering contract, legal obligation and vital interests.
CIPP comment GDPR (General Data Protection Regulation) should be on the radar of all businesses – it comes in to force on 25 May 2018 and applies to all EU and foreign companies that offer services to individuals in the EU (regardless of what happens with the Brexit negotiations). Sanctions for non-reporting of a data breach under GDPR are steep – up to approximately £7m or 2% of global turnover, whichever is greater.
The CIPP’s Payroll Need to Know (a benefit for members only) contains all the latest information on GDPR – go to My CIPP on our website to access the journal.
The CIPP also run a half day training course which will help delegates understand and prepare for the changes, including how they affect payroll and HR functions, so that they can help their organisations become fully compliant by 25 May 2018.
Back to Contents
Restricting the disclosure of your home address 2 May 2018
If your home address is publicly available on company documents you can apply to Companies House to restrict the disclosure of your home address, as long as it has not been used as your company’s registered office.
Accountancy Daily highlighted that Companies House is alerting individuals to a change to the data suppression laws which will help them remove their home address from publicly available company documents.
“This applies to company directors and others such as secretaries, people with significant control (PSC) and LLP members, whose home address is publicly available on company documents. Anyone who wants to remove their home address can apply at a cost of £55 for each document they want to suppress.”
Companies House guidance on restricting the disclosure of your home address is available to view on GOV.UK.
Back to Contents
Do I need to get fresh consent for everything under GDPR? 15 May 2018
The Chartered Institute of Payroll Professionals
Payroll: need to know
cipp.org.uk
Page 60 of 598
Made with FlippingBook - Online magazine maker