New EU regulations on data protection will have a significant impact on freight forwarders. The rules will change the way that personal data has to be stored and processed, providing for a single set of data protection rules applying throughout the EU.
The new law will apply to anyone that trades within the EU, extending the scope of data protection regulation to non EU businesses.
The reform will also create a single supervisory body with the power to impose fines of up to 5% of global (not just EU) turnover for data protection breaches. This turns a previously low risk area of compliance into a potentially significant one.
Enforcement will be risk based, with greater scrutiny imposed on businesses dealing with high volumes of personal data or where the consequences of breach could be particularly severe.
Additional data security requirements
Businesses will need to incorporate measures to protect privacy into new technology, software and services will be a legal requirement (known as privacy by design).
Smaller businesses will no longer have to register as a data controller but will be required to maintain more detailed records of data protection policies.
Breaches will have to be reported within 24 hours.
Steps you can take to get ready for the new rules
- Review data protection policies
- Train staff to avoid breaches
- Incorporate data protection requirements into standard terms