GDPR Update

The UK Information Commissioner, Elizabeth Denham said:

“There is a lot in the GDPR you will recognise from the current law, but make no mistake; this one is a game changer for everyone”

Elizabeth Denham

The EU General Data Protection Regulation (GDPR) will come into force on 25 May 2018. As the purposes of GDPR include reshaping the way organisations across the EU approach data privacy, we understand that you will:

- have questions regarding the data we process and hold on your behalf; and
- need to gain assurance on the steps we are taking to ensure our own compliance with GDPR.

With this in mind, we are already a significant distance along our roadmap to achieve GDPR compliance. This communication describes the steps we have already taken, together with those that will be completed ahead of the implementation date.

Throgmorton GDPR activity

A dedicated data protection working group was set up in 2017 to assess the implications for our business and for our clients. That group has identified a number of items to be completed ahead of the implementation date to ensure compliance with GDPR and so that we continue to operate to the highest professional standards. The material items are:

1. review of client contracts to reflect GDPR requirements - this is almost finalised and proposed revisions will be circulated to all clients ahead of the implementation date;
2. data/system review to ensure compliance with all aspects of the new requirements – a data mapping exercise has been completed and specific changes to processes approved;
3. update all policies and internal procedures – updates will be finalised by 30 April 2018. Where we can share these policies with you we will on request;
4. review and amendment of contractual provisions with our supplier base;
5. realignment of existing Subject Access Requests procedures to the requirements of GDPR – the revised procedures will be implemented and tested ahead of the implementation date to ensure we can adhere to the shortened response timetable;
6. publication of revised Privacy Notice on our website; and
7. delivery of training to all members of staff – to be delivered by 30 April 2018.

The UK has set the gold standard under existing Data Protection law and Throgmorton remains committed to maintaining these standards across our business.

Should you have any GDPR related queries, please direct these in the first instance to my colleague Ben Tallick whose details are below.

With kind regards

Andrew Rubio
Non-Executive Chairman

Ben Tallick   +44 (0) 118 921 7 665 /

To download a pdf version of this publication please click HERE

<previous                                                                                                                                                                     next> 

The information in this notice is intended for general guidance only. Throgmorton does not accept any responsibility for losses incurred to any person acting or refraining to act as a result of the information in this notice. Advice should be taken in the context of specific circumstances.