New data protection rules set to have big impact

By Noli Dinkovski contact

- Last updated on GMT

New data protection rules will be be backed by severe penalities
New data protection rules will be be backed by severe penalities

Related tags: Law

Newly-agreed EU data protection laws will significantly increase the regulatory burden on food and drink businesses, a legal specialist has warned.

Hailed as the most important change to data protection in the UK and EU since 1995, the European General Data Protection Regulation (GDPR) will require firms to adhere to much tighter laws, claimed Sean Crotty, a partner specialising in data protection law at legal firm Weightmans.

Changes to the law include more rigorous processes for an individual’s consent of data usage, and a ‘right of erasure’ if an individual withdraws consent.

Data breach requirements have also been considerably tightened. Under the new law, authorities will need to be informed about breaches within 72 hours – and potential fines have been increased from a maximum of £500,000 to £20M, or 4% of annual turnover (whichever is the greater).

Need to appoint data protection officer

Meanwhile, all companies with more than 250 employees will need to appoint a data protection officer.

While the law isn’t expected to come into force until 2018, Crotty advised companies to start preparing for the changes soon.

“The food manufacturing industry, like many other similar industries that are already burdened by regulation, will feel the impact of the GDPR,”​ he said.

A chief driver of the GDPR is to standardise data protection law across EU Member States. However, Crotty said it might also affect non-European companies if, for example, they were monitoring or processing personal data of European nationals.

Concern and benefit

“Although some international food manufacturers may welcome such uniformity across group companies, while older UK-based food manufacturers may have the opposite reaction, there is also a concern that the increased burden provided by the GDPR may offset any potential benefit,” ​Crotty said.

“Therefore, start preparing now – the GDPR will be with us sooner than you think.”

Adrian Davis, principal analyst at think-tank the Information Security Forum, suggested getting privacy policies, procedures and documentation in order and keep them up to date, as data protection authorities will be able to ask for these at any time.

He also advised forming a governance group that oversaw all privacy activities, led by a senior manager or executive.

Related topics: Legal, IT

Related news

Show more

Related products

show more

Modern ERP system enables food waste reduction

Modern ERP system enables food waste reduction

Epicor | 05-Sep-2019 | Technical / White Paper

We’re all becoming increasingly aware and mindful of wastage in our personal lives. Food waste is already a significant concern for the food and beverage...

Industry report: Food for thought

Industry report: Food for thought

Columbus | 09-May-2019 | Technical / White Paper

A global industry report exploring challenges affecting food companies today and technologies that will help future-proof their businesses.

Adulteration-and-contamination-white-paper

Adulteration versus contamination, protecting our food

Fera Science Ltd. | 30-Oct-2017 | Technical / White Paper

Adulteration affects the confidence of the public as well as business. Meat products are one of the most commonly adulterated foods – we review the challenges...

Related suppliers

Follow us

Featured Events

View more

Products

View more

Webinars