Life after GDPR…

If you’re still hurriedly working towards compliance, don’t worry, says partner Matthew Clayton.

Now the deadline of 25 May has passed, for many the panic is over. However, if you are one of the remaining companies (and there are a few) who underestimated how much work was involved and do not believe you have everything in place yet, please don’t be alarmed.

Elizabeth Denham, the Information Commissioner, emphasised in a speech this April that if a company has not got everything in place, the ICO would adopt a conciliatory approach, rather than ruling with an iron rod and using its new enforcement procedures. What is of relevance is the fact that a company is making an effort to comply with GDPR and is not deliberately and persistently flouting the law.

She went on to emphasise that the 25 May was not a hard deadline; it was more a signal for employers to re-focus on their duties when processing data. To that effect, if you are still unsure of your obligations under GDPR in relation to your customers, third parties or employees, it is not too late to get in touch.

Alternatively if you have ‘had a go’ but are unsure if the changes you have introduced fully comply with the GDPR, then we can assist you by carrying out an audit. We will review your practices and policies to make sure everything is in place and highlight any areas of concern.

Matthew heads up our Legal 500-rated employment team. He handles the full range of contentious and non-contentious employment law issues for a client base which includes multi-national companies, owner-managed businesses and not-for-profit organisations. His particular specialisms include complex staff restructurings and employment issues concerning business transfers. He is a member of the Employment Lawyers’ Association, and a GL Ambassador for GFirst LEP.