Data Protection

Current EU Regulation on Data Privacy

Published 7 July 2014

Find out how current EU Regulations on data privacy will significantly impact on all organisations.

The big talking point in 2013, and widely regarded as being one of the big information security challenges for 2014, was the change to European Data Privacy rules. It will have significant impact on all organisations.

The need for the changes were launched in October 2013 by the European Council stating that

“It is important to foster the trust of citizens and businesses in the digital economy. The timely adoption of a strong EU General Data Protection framework and the Cyber-security Directive is essential for the completion of the Digital Single Market by 2015.”

The regulation will introduce the most significant change to Data Privacy since the creation of the 1995 European Data Protection Directive which in the UK became the Data Protection Act.

The new regulation was supposed to come into force in April 2014. So where is it?

Delays have occurred in agreeing the framework and governance for the new regulation. Cynics say that European ministers were keen not to rock the boat during the European Parliament elections in May this year. However, it was only in June that the Council of the European Union, formed of the relevant minsters, came to a consensus on some of the finer points of the regulation relating to data transfer and the territorial boundaries of regulation. The regulation is far from being agreed.

The latest rumors are that regulation will be introduced in December 2014 or early 2015. There will be a 2 year grace period for organisations to become compliant, somewhat beyond the vision of the Digital Single Market being completed by 2015. This story has the potential of rumbling on for many months to come.

For more information on how Bridewell’s Data Privacy services can support your organisation, get in touch with our team for a confidential conversation.