Compliance with new data laws is paramount, says Welsh law firm

A leading Welsh law firm has warned that businesses must understand the risks of failing to adhere to new data protection laws if they want to avoid big fines.

Acuity Legal, which is based in Cardiff and Swansea, has raised the warning just a year before the General Data Protection Regulation (GDPR) comes into force.

Introduced to help firms keep in line with today’s increasingly digital world, the new legislation is set to make major changes to data protection requirements – meaning existing practices are unlikely to be adequate.

Regardless of Brexit, this new law will become official on May 25th, 2018. And when this happens, any business holding the personal data of EU citizens must be compliant.

However, if companies ignore this law, they could face fines of up to €20 million or 4 per cent of annual global turnover. Acuity believes that firms should start preparing now.

Kerry Beynon, partner and data security expert at Acuity Legal, said: “The GDPR represents a complete overhaul of data protection as we know it, and a high proportion of businesses could fall foul of the new regulation.

“The stringent penalties for mishandling data are enough to shut businesses down. Incidents like the recent global cyber attack show that any organisation of any size is susceptible to malicious data breaches and vulnerable to reputational risks.

“But it’s not just about the threat of hacking. Basic compliance and using data in the correct way are equally crucial.”

The regulation increases the data rights of everyday individuals and requires organisations to adopt appropriate technical and organisational measures.

They must also implement clear policies and procedures to protect personal data. Acuity Legal, a member of the South Wales Cyber Security Cluster, has launched a new tool to help companies here.

Called Acuity DataGuard, it’s a digital tool and wraparound service that helps businesses and organisations carry out a thorough audit of their data use, identify any potential threats and deal with any data breaches.

The service, which has been developed in collaboration with cyber security specialists Wolfberry and security monitoring firm Pervade Software, launched at the end of last month.

John Davies, director at Pervade Software, said: “By providing risk assessment, security monitoring and penetration testing alongside expert legal advice, Acuity Legal are leading the way in data security with this all-round service.

“Businesses of any size and in any sector will benefit from taking the time now to assess the way they use data, particularly with such a significant overhaul in legislation on the horizon.”

Image credit: Blue Coat Photos