The CQC has a wide range of criminal enforcement powers which include the power to prosecute and issue fixed penalty notices or simple cautions to organisations and individuals. These powers are, however, limited to registered providers and certain...
The General Data Protection Regulation (GDPR) will come into force in the UK on 25 May 2018. The GDPR is a new law that significantly extends and strengthens the current law regarding data privacy. The new regime is, in part, intended to force a cultural change in how organisations protect the personal data of private individuals and bring the law up to date with advances in technology. It is much stricter than the current regime and the ICO will have the power to impose much greater financial penalties for non-compliance of up to 4% of your annual global turnover for the preceding financial year or £18 million – whichever is greater.
All organisations that hold and process personal data must be compliant. They will also be required to actively demonstrate compliance with the new regulations. It is crucial that all organisations take action now in order to adequately prepare for the GDPR as well as maintaining and demonstrating compliance from 25 May 2018 onwards.