Impact of EU-GDPR on Local Authorities in the UK

ADSHEAD, Deborah (2016). Impact of EU-GDPR on Local Authorities in the UK. Masters, Sheffield Hallam University.

[img]
Preview
PDF
Adshead impactofeu.pdf - Accepted Version
Available under License All rights reserved.

Download (1MB) | Preview

Abstract

This research explores the EU General Data Protection Regulation (2016/679) (GDPR), due to come into force in May 2018, and its impact on UK local authorities. Its key objectives were to identify how the pending changes to data protection legislation might impact on current compliance procedures and policies. Its aim was to provide recommendations for local authorities regarding the key issues in order to minimise the risk of non-compliance with the new law by being better informed of the obligations the new rules impose on data controllers. The study first looked at the structure of the EU and the procedure for introducing new laws, to understand the provenance and supremacy of the legislation. It then looked at the political and legal background regarding data protection and compared the previous and existing legislation to the new Regulation to evaluate the amount of change likely. Consideration was then given to the current compliance situation in local authorities. Studies conducted by the ICO and Big Brother Watch identified major problems in some local authorities with breaches of the Data Protection Act resulting in considerable fines totalling in the millions. Whilst key principles of data protection will remain the same the new regulation will introduce important changes requiring greater vigilance over compliance if fines are to be avoided. One is the compulsory requirement to report data breaches, which could pose a serious problem in many local authorities. According to Big Brother Watch, 38% reported never having had a breach; at best this means they have little experience of dealing with one, at worst there could be more fines to come. The new law imposes a distinct change of direction, from educating organisations after a breach has occurred to requiring proof they took adequate measures to avoid one. This will necessitate implementing clear policies, recording any incidents, training staff adequately and having full accountability throughout the organisation. To avoid further losses to public sector services it is essential that local authorities make the needed changes to meet the new law.

Item Type: Thesis (Masters)
Research Institute, Centre or Group: Sheffield Hallam Doctoral Theses
Depositing User: Helen Garner
Date Deposited: 21 Apr 2017 10:46
Last Modified: 21 Apr 2017 18:57
URI: http://shura.shu.ac.uk/id/eprint/15590

Actions (login required)

View Item View Item

Downloads

Downloads per month over past year

View more statistics