{"id":173046,"date":"2022-07-29T02:57:13","date_gmt":"2022-07-29T01:57:13","guid":{"rendered":"https:\/\/legalvision.co.uk\/?p=173046"},"modified":"2024-05-15T06:24:48","modified_gmt":"2024-05-15T05:24:48","slug":"three-major-gdpr-challenges","status":"publish","type":"post","link":"https:\/\/legalvision.co.uk\/data-privacy-it\/three-major-gdpr-challenges\/","title":{"rendered":"Three Major Challenges Companies Face in England Under the GDPR"},"content":{"rendered":"\n<p>Your business must comply with data protection rules to protect your staff and customers and avoid receiving fines. The General Data Protection Regulation (GDPR) establishes the data protection rules for organisations in England. Data protection law in England is complex and requires proactive measures by businesses to ensure full compliance. This article will focus on three of the biggest GDPR-related challenges companies in England face so your business can overcome them.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Why Does GDPR Compliance Matter?<\/h2>\n\n\n\n<p>Primarily, GDPR compliance guarantees your organisation is processing all information securely and safely. Furthermore, compliance ensures you avoid the <a href=\"https:\/\/legalvision.co.uk\/data-privacy-it\/ico-decide-fine-company\/\">risk of receiving a fine<\/a> from the <a href=\"https:\/\/ico.org.uk\/\">Information Commissioner&#8217;s Office<\/a> (ICO). The ICO enforces data protection laws, including the GDPR, and any breach of those rules can lead to a hefty fine up to \u00a317.5m.<\/p>\n\n\n\n<p>Let us consider three significant challenges companies encounter and how best to overcome them.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">1. Handling Subject Access Requests Safely<\/h2>\n\n\n\n<p>A Subject Access Request (SAR) is a written request for all information a business holds on a specified individual. Usually, the individual is a customer or staff member.&nbsp;<\/p>\n\n\n\n<div  class=\"box box--icon box--info\">\n    <!-- wp:paragraph -->\n<p>The <a href=\"https:\/\/legalvision.co.uk\/data-privacy-it\/seven-main-gdpr-principles\/\">GDPR<\/a> issue the following requirements for SARs:<\/p>\n<!-- \/wp:paragraph --> <!-- wp:list -->\n<ul>\n<li>provide the required information within one calendar month of the request (subject to limited exceptions);<\/li>\n<li>only withhold documentation in limited circumstances (such as where legal privilege applies to emails containing legal advice between your company and any lawyer); and<\/li>\n<li>only redact information where genuinely required.<\/li>\n<\/ul>\n<\/div>\n\n\n\n<p>Many genuine questions can arise from reading the above three points, such as:&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>the limited exceptions to the one-month rule;<\/li>\n\n\n\n<li>what legal advice constitutes; and<\/li>\n\n\n\n<li>how to safely redact information.\u00a0<\/li>\n<\/ul>\n\n\n\n<p>The appropriate method to resolve these issues will vary according to the case&#8217;s unique circumstances. Therefore, you may need to seek legal assistance.&nbsp;<\/p>\n\n\n\n\n<a href=\"#content-next\"\n   class=\"block p-4 mt-10 text-xl font-bold text-center text-white no-underline bg-gray-800 rounded-t-xl\">\n    Continue reading this article below the form\n    <i class=\"text-xl fa-regular fa-arrow-down\"><\/i>\n<\/a>\n<div class=\"px-6 pt-10 pb-12 mb-10 text-center bg-gray-100 rounded-b-xl sm:px-12 test\">\n    <div class=\"mb-8 text-2xl font-bold text-orange\">\n        Need legal advice?\n        <br>\n        <span class=\"text-lg not-prose\">\n                            Call <a href=\"tel:+448081968584\" class=\"not-prose\">0808 196 8584<\/a> for urgent assistance.\n                <br>\n                Otherwise, complete this form, and we will contact you within one business day.\n                    <\/span>\n    <\/div>\n\n    \n\n<div class=\"not-prose flex justify-center text-left gform_input_bg_white    \">\n    <script>\nvar gform;gform||(document.addEventListener(\"gform_main_scripts_loaded\",function(){gform.scriptsLoaded=!0}),document.addEventListener(\"gform\/theme\/scripts_loaded\",function(){gform.themeScriptsLoaded=!0}),window.addEventListener(\"DOMContentLoaded\",function(){gform.domLoaded=!0}),gform={domLoaded:!1,scriptsLoaded:!1,themeScriptsLoaded:!1,isFormEditor:()=>\"function\"==typeof InitializeEditor,callIfLoaded:function(o){return!(!gform.domLoaded||!gform.scriptsLoaded||!gform.themeScriptsLoaded&&!gform.isFormEditor()||(gform.isFormEditor()&&console.warn(\"The use of gform.initializeOnLoaded() is deprecated in the form editor context and will be removed in Gravity Forms 3.1.\"),o(),0))},initializeOnLoaded:function(o){gform.callIfLoaded(o)||(document.addEventListener(\"gform_main_scripts_loaded\",()=>{gform.scriptsLoaded=!0,gform.callIfLoaded(o)}),document.addEventListener(\"gform\/theme\/scripts_loaded\",()=>{gform.themeScriptsLoaded=!0,gform.callIfLoaded(o)}),window.addEventListener(\"DOMContentLoaded\",()=>{gform.domLoaded=!0,gform.callIfLoaded(o)}))},hooks:{action:{},filter:{}},addAction:function(o,r,e,t){gform.addHook(\"action\",o,r,e,t)},addFilter:function(o,r,e,t){gform.addHook(\"filter\",o,r,e,t)},doAction:function(o){gform.doHook(\"action\",o,arguments)},applyFilters:function(o){return gform.doHook(\"filter\",o,arguments)},removeAction:function(o,r){gform.removeHook(\"action\",o,r)},removeFilter:function(o,r,e){gform.removeHook(\"filter\",o,r,e)},addHook:function(o,r,e,t,n){null==gform.hooks[o][r]&&(gform.hooks[o][r]=[]);var d=gform.hooks[o][r];null==n&&(n=r+\"_\"+d.length),gform.hooks[o][r].push({tag:n,callable:e,priority:t=null==t?10:t})},doHook:function(r,o,e){var t;if(e=Array.prototype.slice.call(e,1),null!=gform.hooks[r][o]&&((o=gform.hooks[r][o]).sort(function(o,r){return o.priority-r.priority}),o.forEach(function(o){\"function\"!=typeof(t=o.callable)&&(t=window[t]),\"action\"==r?t.apply(null,e):e[0]=t.apply(null,e)})),\"filter\"==r)return e[0]},removeHook:function(o,r,t,n){var e;null!=gform.hooks[o][r]&&(e=(e=gform.hooks[o][r]).filter(function(o,r,e){return!!(null!=n&&n!=o.tag||null!=t&&t!=o.priority)}),gform.hooks[o][r]=e)}});\n<\/script>\n\n                <div class='gf_browser_chrome gform_wrapper gravity-theme gform-theme--no-framework lawyer-form_wrapper gplaceholder_wrapper form-with-labels-no-asterisks_wrapper has-new-validation-error-styling_wrapper' data-form-theme='gravity-theme' data-form-index='0' id='gform_wrapper_2453' style='display:none'><div id='gf_2453' class='gform_anchor' tabindex='-1'><\/div><form method='post' enctype='multipart\/form-data' target='gform_ajax_frame_2453' id='gform_2453' class='lawyer-form gplaceholder form-with-labels-no-asterisks has-new-validation-error-styling' action='\/api\/wp\/v2\/posts\/173046#gf_2453' data-formid='2453' novalidate>\n                        <div class='gform-body gform_body'><div id='gform_fields_2453' class='gform_fields top_label form_sublabel_below description_below validation_below'><div id=\"field_2453_1000\" class=\"gfield gfield--type-honeypot gform_validation_container field_sublabel_below gfield--has-description field_description_below field_validation_below gfield_visibility_visible\"  ><label class='gfield_label gform-field-label' for='input_2453_1000'>Email<\/label><div class='ginput_container'><input name='input_1000' id='input_2453_1000' type='text' value='' autocomplete='new-password'\/><\/div><div class='gfield_description' id='gfield_description_2453_1000'>This field is for validation purposes and should be left unchanged.<\/div><\/div><div id=\"field_2453_1\" class=\"gfield gfield--type-text gfield--input-type-text gf_left_half gfield--width-half gfield_contains_required field_sublabel_below gfield--no-description field_description_below field_validation_below gfield_visibility_visible\"  ><label class='gfield_label gform-field-label' for='input_2453_1'>First Name<span class=\"gfield_required\"><span class=\"gfield_required gfield_required_text\">(Required)<\/span><\/span><\/label><div class='ginput_container ginput_container_text'><input name='input_1' id='input_2453_1' type='text' value='' class='medium'     aria-required=\"true\" aria-invalid=\"false\"   \/><\/div><\/div><div id=\"field_2453_12\" class=\"gfield gfield--type-text gfield--input-type-text gf_right_half gfield--width-half gfield_contains_required field_sublabel_below gfield--no-description field_description_below field_validation_below gfield_visibility_visible\"  ><label class='gfield_label gform-field-label' for='input_2453_12'>Last Name<span class=\"gfield_required\"><span class=\"gfield_required gfield_required_text\">(Required)<\/span><\/span><\/label><div class='ginput_container ginput_container_text'><input name='input_12' id='input_2453_12' type='text' value='' class='medium'     aria-required=\"true\" aria-invalid=\"false\"   \/><\/div><\/div><div id=\"field_2453_2\" class=\"gfield gfield--type-email gfield--input-type-email gf_left_half gfield--width-half gfield_contains_required field_sublabel_below gfield--no-description field_description_below field_validation_below gfield_visibility_visible\"  ><label class='gfield_label gform-field-label' for='input_2453_2'>Email Address<span class=\"gfield_required\"><span class=\"gfield_required gfield_required_text\">(Required)<\/span><\/span><\/label><div class='ginput_container ginput_container_email'>\n                            <input name='input_2' id='input_2453_2' type='email' value='' class='medium'    aria-required=\"true\" aria-invalid=\"false\"  \/>\n                        <\/div><\/div><div id=\"field_2453_3\" class=\"gfield gfield--type-phone gfield--input-type-phone gf_right_half gfield--width-half gfield_contains_required field_sublabel_below gfield--no-description field_description_below field_validation_below gfield_visibility_visible\"  ><label class='gfield_label gform-field-label' for='input_2453_3'>Phone<span class=\"gfield_required\"><span class=\"gfield_required gfield_required_text\">(Required)<\/span><\/span><\/label><div class='ginput_container ginput_container_phone'><input name='input_3' id='input_2453_3' type='tel' value='' class='medium'   aria-required=\"true\" aria-invalid=\"false\"   \/><\/div><\/div><div id=\"field_2453_14\" class=\"gfield gfield--type-select gfield--input-type-select gfield--width-full custom-select gfield_contains_required field_sublabel_below gfield--no-description field_description_below field_validation_below gfield_visibility_visible\"  ><label class='gfield_label gform-field-label' for='input_2453_14'>Number of Employees in Your Business<span class=\"gfield_required\"><span class=\"gfield_required gfield_required_text\">(Required)<\/span><\/span><\/label><div class='ginput_container ginput_container_select'><select name='input_14' id='input_2453_14' class='large gfield_select'    aria-required=\"true\" aria-invalid=\"false\" ><option value='' selected='selected'>Select ...<\/option><option value='0' >0<\/option><option value='1' >1-5<\/option><option value='6' >6-20<\/option><option value='21' >21-50<\/option><option value='51' >51-250<\/option><option value='250' >250+<\/option><\/select><\/div><\/div><div id=\"field_2453_4\" class=\"gfield gfield--type-textarea gfield--input-type-textarea gfield_contains_required field_sublabel_below gfield--no-description field_description_below field_validation_below gfield_visibility_visible\"  ><label class='gfield_label gform-field-label' for='input_2453_4'>Tell us about your enquiry<span class=\"gfield_required\"><span class=\"gfield_required gfield_required_text\">(Required)<\/span><\/span><\/label><div class='ginput_container ginput_container_textarea'><textarea name='input_4' id='input_2453_4' class='textarea medium'     aria-required=\"true\" aria-invalid=\"false\"   rows='10' cols='50'><\/textarea><\/div><\/div><div id=\"field_2453_5\" class=\"gfield gfield--type-html gfield--input-type-html gfield_html gfield_html_formatted gfield_no_follows_desc field_sublabel_below gfield--no-description field_description_below field_validation_below gfield_visibility_visible\"  >By submitting this form, you agree to receive emails from LegalVision and can unsubscribe at any time. View our <a href=\"https:\/\/legalvision.co.uk\/privacy-notice\/\" target=\"_blank\">Privacy Policy<\/a>. <\/div><div id=\"field_2453_8\" class=\"gfield gfield--type-hidden gfield--input-type-hidden gform_hidden field_sublabel_below gfield--no-description field_description_below field_validation_below gfield_visibility_visible\"  ><div class='ginput_container ginput_container_text'><input name='input_8' id='input_2453_8' type='hidden' class='gform_hidden'  aria-invalid=\"false\" value='http:\/\/legalvision.co.uk\/api\/wp\/v2\/posts\/173046' \/><\/div><\/div><div id=\"field_2453_13\" class=\"gfield gfield--type-hidden gfield--input-type-hidden gform_hidden field_sublabel_below gfield--no-description field_description_below field_validation_below gfield_visibility_visible\"  ><div class='ginput_container ginput_container_text'><input name='input_13' id='input_2453_13' type='hidden' class='gform_hidden'  aria-invalid=\"false\" value='generic_form' \/><\/div><\/div><fieldset id=\"field_2453_999\" class=\"gfield gfield--type-checkbox gfield--type-choice gfield__uk-marketo-opt-in field_sublabel_below gfield--no-description field_description_below field_validation_below gfield_visibility_visible\"  ><legend class='gfield_label gform-field-label screen-reader-text' ><\/legend><div class='ginput_container ginput_container_checkbox'><div class='gfield_checkbox ' id='input_2453_999'><div class='gchoice gchoice_2453_999_1'>\n\t\t\t\t\t\t\t\t<input class='gfield-choice-input' name='input_999.1' type='checkbox'  value='1'  id='choice_2453_999_1'   \/>\n\t\t\t\t\t\t\t\t<label for='choice_2453_999_1' id='label_2453_999_1' class='gform-field-label gform-field-label--type-inline'>By submitting this form, you agree to receive content and event invitations from us to help you grow your business. If you do not want to receive such messages, tick here.<\/label>\n\t\t\t\t\t\t\t<\/div><\/div><\/div><\/fieldset><\/div><\/div>\n        <div class='gform-footer gform_footer top_label'> <button type=\"submit\" id=\"gform_submit_button_2453\" class=\"gform_button button\" onclick=\"gform.submission.handleButtonClick(this);\" data-submission-type=\"submit\"><span class=\"gform_submit_button__text\">Submit Now<\/span><\/button> <input type='hidden' name='gform_ajax' value='form_id=2453&amp;title=&amp;description=&amp;tabindex=0&amp;theme=gravity-theme&amp;hash=ec2463697d0d9cef7b71236ae60964c7' \/>\n            <input type='hidden' class='gform_hidden' name='gform_submission_method' data-js='gform_submission_method_2453' value='iframe' \/>\n            <input type='hidden' class='gform_hidden' name='gform_theme' data-js='gform_theme_2453' id='gform_theme_2453' value='gravity-theme' \/>\n            <input type='hidden' class='gform_hidden' name='gform_style_settings' data-js='gform_style_settings_2453' id='gform_style_settings_2453' value='' \/>\n            <input type='hidden' class='gform_hidden' name='is_submit_2453' value='1' \/>\n            <input type='hidden' class='gform_hidden' name='gform_submit' value='2453' \/>\n            \n            <input type='hidden' class='gform_hidden' name='gform_currency' data-currency='GBP' value='C2w2r8dvXDQDeak1N3tPrc\/zS2ahZnKeofDkf211hAceQadbnQYZVYwqhuQoSBl7Kot5sU6vLfLWhamNxN8sih0DcZe3ZZUgUzXNf7tXq3s4hyI=' \/>\n            <input type='hidden' class='gform_hidden' name='gform_unique_id' value='' \/>\n            <input type='hidden' class='gform_hidden' name='state_2453' value='WyJ7XCIxNFwiOltcIjIyODY0N2ViMWU3NTcxZjA4YTY4NGJmMDcwMTk3Y2I0XCIsXCJiMzk3YmQ1MDBmMmFjNjk1ODE4MzdmNTBhYTA2MzQ0OFwiLFwiNGYyNGZkZGEwMzlkNDUxMWFhZGE1NGYwZmQwZmNiZTdcIixcIjUyMmJkMDE2M2I2ZmEwOTI3NDZhZjU5YTg0ZmM1NDk5XCIsXCIzODRlNjk1YjQxMTAzMWFiYmQ2ODEyMGYyZWFhMDYyNlwiLFwiYjkzNDcwNTE2MjkxOGRjZWViMjQzNzRjNmE0NGVmNTlcIixcIjQxMTliODZhMzVjYzJiMWViNDZiMmQ4NjRlNGUzZmNjXCJdfSIsIjQ3MjNiMzA2ZDIyZGVkODA2N2YyMjYyOThkYzI1ODVmIl0=' \/>\n            <input type='hidden' autocomplete='off' class='gform_hidden' name='gform_target_page_number_2453' id='gform_target_page_number_2453' value='0' \/>\n            <input type='hidden' autocomplete='off' class='gform_hidden' name='gform_source_page_number_2453' id='gform_source_page_number_2453' value='1' \/>\n            <input type='hidden' name='gform_field_values' value='' \/>\n            \n        <\/div>\n                        <\/form>\n                        <\/div>\n\t\t                <iframe style='display:none;width:0px;height:0px;' src='about:blank' name='gform_ajax_frame_2453' id='gform_ajax_frame_2453' title='This iframe contains the logic required to handle Ajax powered Gravity Forms.'><\/iframe>\n\t\t                <script>\ngform.initializeOnLoaded( function() {gformInitSpinner( 2453, 'https:\/\/legalvision.co.uk\/wp-content\/themes\/legalv-v6\/img\/spinner.svg', true );jQuery('#gform_ajax_frame_2453').on('load',function(){var contents = jQuery(this).contents().find('*').html();var is_postback = contents.indexOf('GF_AJAX_POSTBACK') >= 0;if(!is_postback){return;}var form_content = jQuery(this).contents().find('#gform_wrapper_2453');var is_confirmation = jQuery(this).contents().find('#gform_confirmation_wrapper_2453').length > 0;var is_redirect = contents.indexOf('gformRedirect(){') >= 0;var is_form = form_content.length > 0 && ! is_redirect && ! is_confirmation;var mt = parseInt(jQuery('html').css('margin-top'), 10) + parseInt(jQuery('body').css('margin-top'), 10) + 100;if(is_form){form_content.find('form').css('opacity', 0);jQuery('#gform_wrapper_2453').html(form_content.html());if(form_content.hasClass('gform_validation_error')){jQuery('#gform_wrapper_2453').addClass('gform_validation_error');} else {jQuery('#gform_wrapper_2453').removeClass('gform_validation_error');}setTimeout( function() { \/* delay the scroll by 50 milliseconds to fix a bug in chrome *\/ jQuery(document).scrollTop(jQuery('#gform_wrapper_2453').offset().top - mt); }, 50 );if(window['gformInitDatepicker']) {gformInitDatepicker();}if(window['gformInitPriceFields']) {gformInitPriceFields();}var current_page = jQuery('#gform_source_page_number_2453').val();gformInitSpinner( 2453, 'https:\/\/legalvision.co.uk\/wp-content\/themes\/legalv-v6\/img\/spinner.svg', true );jQuery(document).trigger('gform_page_loaded', [2453, current_page]);window['gf_submitting_2453'] = false;}else if(!is_redirect){var confirmation_content = jQuery(this).contents().find('.GF_AJAX_POSTBACK').html();if(!confirmation_content){confirmation_content = contents;}jQuery('#gform_wrapper_2453').replaceWith(confirmation_content);jQuery(document).scrollTop(jQuery('#gf_2453').offset().top - mt);jQuery(document).trigger('gform_confirmation_loaded', [2453]);window['gf_submitting_2453'] = false;wp.a11y.speak(jQuery('#gform_confirmation_message_2453').text());}else{jQuery('#gform_2453').append(contents);if(window['gformRedirect']) {gformRedirect();}}jQuery(document).trigger(\"gform_pre_post_render\", [{ formId: \"2453\", currentPage: \"current_page\", abort: function() { this.preventDefault(); } }]);        if (event && event.defaultPrevented) {                return;        }        const gformWrapperDiv = document.getElementById( \"gform_wrapper_2453\" );        if ( gformWrapperDiv ) {            const visibilitySpan = document.createElement( \"span\" );            visibilitySpan.id = \"gform_visibility_test_2453\";            gformWrapperDiv.insertAdjacentElement( \"afterend\", visibilitySpan );        }        const visibilityTestDiv = document.getElementById( \"gform_visibility_test_2453\" );        let postRenderFired = false;        function triggerPostRender() {            if ( postRenderFired ) {                return;            }            postRenderFired = true;            gform.core.triggerPostRenderEvents( 2453, current_page );            if ( visibilityTestDiv ) {                visibilityTestDiv.parentNode.removeChild( visibilityTestDiv );            }        }        function debounce( func, wait, immediate ) {            var timeout;            return function() {                var context = this, args = arguments;                var later = function() {                    timeout = null;                    if ( !immediate ) func.apply( context, args );                };                var callNow = immediate && !timeout;                clearTimeout( timeout );                timeout = setTimeout( later, wait );                if ( callNow ) func.apply( context, args );            };        }        const debouncedTriggerPostRender = debounce( function() {            triggerPostRender();        }, 200 );        if ( visibilityTestDiv && visibilityTestDiv.offsetParent === null ) {            const observer = new MutationObserver( ( mutations ) => {                mutations.forEach( ( mutation ) => {                    if ( mutation.type === 'attributes' && visibilityTestDiv.offsetParent !== null ) {                        debouncedTriggerPostRender();                        observer.disconnect();                    }                });            });            observer.observe( document.body, {                attributes: true,                childList: false,                subtree: true,                attributeFilter: [ 'style', 'class' ],            });        } else {            triggerPostRender();        }    } );} );\n<\/script>\n<\/div>\n<\/div>\n<div id=\"content-next\"><!-- scroll anchor --><\/div>\n<h2 class=\"wp-block-heading\">2. Correct Reporting of Data Breaches<\/h2>\n\n\n\n<p>One of your company&#8217;s obligations to the ICO is to report a data breach (usually through their website) within 72 hours of becoming aware of one. However, the test for when to notify the Information Commissioner&#8217;s Office is not straightforward and can be unclear without legal advice.&nbsp;&nbsp;<\/p>\n\n\n\n<div  class=\"box box--icon box--info\">\n    <!-- wp:paragraph -->\n<p>Put simply, your organisation must report a data breach to the ICO when both of the following facts are true:<!-- \/wp:paragraph --> <!-- wp:list {\"ordered\":true} --><\/p>\n<ol>\n<li>you have discovered a personal data breach; and<\/li>\n<li>that data breach could likely result in a risk to people&#8217;s rights and freedoms.<\/li>\n<\/ol>\n<p><!-- \/wp:list --><\/p>\n<\/div>\n\n\n\n<p>If your company believes that someone has had unauthorised access to personal data, then the first test is likely to be satisfied.<\/p>\n\n\n\n<p>However, the second test regarding risk to people&#8217;s rights and freedoms is more complicated in practice. Furthermore, without legal assistance, it can be difficult for your organisation to speculate how the ICO may classify this breach.&nbsp;If uncertain, you should err on the side of caution and refer the breach to the ICO.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">3. Keeping Information Safe<\/h2>\n\n\n\n<p>In this increasingly digital age, the GDPR tasks organisations in England with keeping personal data safe and secure. Notably, some of the <a href=\"https:\/\/legalvision.co.uk\/data-privacy-it\/biggest-fines-ico\/\">ICO&#8217;s most significant fines<\/a> are to companies that fail to take adequate precautions against cyber attacks. Some business owners falsely believe that using antivirus software alone is sufficient to protect personal information. However, most businesses in England must also perform some of the following actions to increase their <a href=\"https:\/\/legalvision.co.uk\/ecommerce-online-business\/cyber-security-ecommerce-business\/\">cyber security<\/a>:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>ensuring the use of strong passwords to safeguard accounts;<\/li>\n\n\n\n<li>training employees regularly about cyber risks and how to safeguard against cyber-attacks (for example, teaching them to avoid clicking on suspicious links and to report any concerns);<\/li>\n\n\n\n<li>installing all recommended software and operating system updates without delay (including antivirus software updates); and<\/li>\n\n\n\n<li>ensuring your organisation regularly backs up data to guard against data loss.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Key Takeaways<\/h2>\n\n\n\n<p>Compliance with the GDPR may pose many challenges to businesses. It involves proactive and constant steps and cyber security monitoring. On the whole, data protection rules in England ensure you collect, handle and store data safely and without disclosure to unauthorised individuals or third parties. Some business owners obtain legal advice to guide them through GDPR compliance requirements.&nbsp;<\/p>\n\n\n\n<p>If your business is facing challenges complying with the GDPR and data protection law, our experienced <a href=\"https:\/\/legalvision.co.uk\/it-lawyers-lp\/\">Data, Privacy and IT lawyers<\/a> can assist as part of our LegalVision membership. For a low monthly fee, you will have unlimited access to lawyers to answer your questions and draft and review your documents. Call us today on <a href=\"tel:+448081968584\" class=\"AVANSERnumber dynamic-number\">0808 196 8584<\/a> or visit our <a href=\"https:\/\/legalvision.co.uk\/membership\/\">membership page<\/a>.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Frequently Asked Questions<\/h2>\n\n\n\n<div class=\"schema-faq wp-block-yoast-faq-block\"><div class=\"schema-faq-section\" id=\"faq-question-1659058338662\"><strong class=\"schema-faq-question\"><strong>Would employing a Data Protection Officer (DPO) help my business comply with the GDPR?<\/strong><\/strong> <p class=\"schema-faq-answer\">A Data Protection Officer can help your organisation handle SARs and other GDPR-related tasks and avoid unintentional data protection breaches. However, it is essential to note that, to be effective, a DPO should be given free rein to monitor the company&#8217;s data and make recommendations to improve cyber security.<\/p> <\/div> <div class=\"schema-faq-section\" id=\"faq-question-1659058353009\"><strong class=\"schema-faq-question\"><strong>Why does my company have to report a relevant personal data breach to the ICO?<\/strong><\/strong> <p class=\"schema-faq-answer\">You must report breaches as the ICO is the enforcing body that investigates data breaches under GDPR, whether due to unintentional failure to follow due process or further to a cyber attack. Likewise, the ICO can advise your business on follow-up actions. However, they may also issue a fine if they feel your organisation should have acted differently before the data breach.<\/p> <\/div> <\/div>\n<div class=\"not-prose m-feedback-prompt\">\n    <!-- Thumbs up\/down bar -->\n    <div class=\"m-feedback-prompt__main\">\n        <div class=\"m-feedback-prompt__title\">Was this article helpful?<\/div>\n        <div>\n            <!--span class=\"m-feedback-prompt__button--text\">Thanks!<\/span-->\n            <button type=\"button\" class=\"m-feedback-prompt__button m-feedback-prompt__button--yes\"\n                    data-analytics-link=\"feedback-prompt:yes\" aria-label=\"Agree\">\n                <i class=\"fa-regular fa-thumbs-up fa-3x\"><\/i>\n            <\/button>\n            <button type=\"button\" class=\"m-feedback-prompt__button m-feedback-prompt__button--no\"\n                    data-analytics-link=\"feedback-prompt:no\" aria-label=\"Disagree\">\n                <i class=\"fa-regular fa-thumbs-down fa-3x\"><\/i>\n            <\/button>\n        <\/div>\n    <\/div>\n\n    <!-- Feedback form -->\n    <div class=\"m-feedback-prompt__form\">\n        <div class=\"m-feedback-prompt__form--thanks \">\n            <div>Thanks!<\/div>\n            <p>\n                We appreciate your feedback \u2013 your submission has been successfully received.            <\/p>\n        <\/div>\n        <form id=\"contact-form\" class=\"m-feedback-prompt__form--form\" action=\"\" method=\"post\">\n            <input type=\"hidden\" id=\"authenticity_token\" name=\"authenticity_token\" value=\"659eb7d5d9\" \/><input type=\"hidden\" name=\"_wp_http_referer\" value=\"\/api\/wp\/v2\/posts\/173046\" \/>            <input value=\"https:\/\/legalvision.co.uk\/data-privacy-it\/three-major-gdpr-challenges\/\" type=\"hidden\" name=\"currenturl\"\n                   id=\"currenturl\">\n            <input value=\"Three Major Challenges Companies Face in England Under the GDPR\" type=\"hidden\" name=\"currenttitle\"\n                   id=\"currenttitle\">\n            <label>\n                <!-- display on thumbs-up -->\n                <span class=\"m-feedback-prompt__feedback m-feedback-prompt__feedback--yes\">\n                    Can you tell us <span class=\"font-semibold\">why<\/span> you found it helpful?\n                <\/span>\n\n                <!-- display on thumbs-down -->\n                <span class=\"m-feedback-prompt__feedback m-feedback-prompt__feedback--no text-lg\">\n                    How can we better improve this article?\n                <\/span>\n                <textarea name=\"feedbackmessage\" id=\"feedbackmessage\" required><\/textarea>\n            <\/label>\n\n            <div class=\"m-feedback-prompt__form--error\" id=\"form-submit-error\"><\/div>\n            <button id=\"submit-contact-form-button\" type=\"submit\" name=\"commit\" class=\"m-feedback-prompt__form--submit\"\n                    data-analytics-link=\"feedback-prompt:submit\">\n                Submit            <\/button>\n        <\/form>\n    <\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Your business must comply with data protection rules to protect your staff and customers and avoid receiving fines. The General Data Protection Regulation (GDPR) establishes the data protection rules for organisations in England. Data protection law in England is complex and requires proactive measures by businesses to ensure full compliance. This article will focus on<a href=\"https:\/\/legalvision.co.uk\/data-privacy-it\/three-major-gdpr-challenges\/\">Continue reading <span class=\"sr-only\">&#8220;Three Major Challenges Companies Face in England Under the GDPR&#8221;<\/span><\/a><\/p>\n","protected":false},"author":13349,"featured_media":3155,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_relevanssi_hide_post":"","_relevanssi_hide_content":"","_relevanssi_pin_for_all":"","_relevanssi_pin_keywords":"","_relevanssi_unpin_keywords":"","_relevanssi_related_keywords":"","_relevanssi_related_include_ids":"","_relevanssi_related_exclude_ids":"","_relevanssi_related_no_append":"","_relevanssi_related_not_related":"","_relevanssi_related_posts":"888,3561,3272,1181,767,1366","_relevanssi_noindex_reason":"","editor_notices":[],"footnotes":""},"categories":[27],"tags":[20,21,366,642],"class_list":["post-173046","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-data-privacy-it","tag-small-business","tag-medium-business","tag-data-privacy","tag-gdpr-complicance"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.1.1 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Three Major Challenges Companies Face With the GDPR | LegalVision UK<\/title>\n<meta name=\"description\" content=\"This article explores the three major challenges companies will face complying with the GDPR and how they can overcome them.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/legalvision.co.uk\/data-privacy-it\/three-major-gdpr-challenges\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Three Major Challenges Companies Face With the GDPR | LegalVision UK\" \/>\n<meta property=\"og:description\" content=\"This article explores the three major challenges companies will face complying with the GDPR and how they can overcome them.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/legalvision.co.uk\/data-privacy-it\/three-major-gdpr-challenges\/\" \/>\n<meta property=\"og:site_name\" content=\"LegalVision UK\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/LegalVision\" \/>\n<meta property=\"article:published_time\" content=\"2022-07-29T01:57:13+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-05-15T05:24:48+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/img.legalvision.com.au\/wp-content\/uploads\/sites\/4\/2022\/05\/24121740\/business-image-052296.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1066\" \/>\n\t<meta property=\"og:image:height\" content=\"711\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Thomas Sutherland\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@LegalVision_law\" \/>\n<meta name=\"twitter:site\" content=\"@LegalVision_law\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Thomas Sutherland\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/legalvision.co.uk\/data-privacy-it\/three-major-gdpr-challenges\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/legalvision.co.uk\/data-privacy-it\/three-major-gdpr-challenges\/\"},\"author\":{\"name\":\"Thomas Sutherland\",\"@id\":\"https:\/\/legalvision.co.uk\/#\/schema\/person\/46d22f7d1b4ba321fe5b1cdc648cc5d2\"},\"headline\":\"Three Major Challenges Companies Face in England Under the GDPR\",\"datePublished\":\"2022-07-29T01:57:13+00:00\",\"dateModified\":\"2024-05-15T05:24:48+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/legalvision.co.uk\/data-privacy-it\/three-major-gdpr-challenges\/\"},\"wordCount\":783,\"image\":{\"@id\":\"https:\/\/legalvision.co.uk\/data-privacy-it\/three-major-gdpr-challenges\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/img.legalvision.com.au\/wp-content\/uploads\/sites\/4\/2022\/05\/24121740\/business-image-052296.jpg\",\"keywords\":[\"small business\",\"medium business\",\"data privacy\",\"gdpr complicance\"],\"articleSection\":[\"Data, Privacy and IT Articles\"],\"inLanguage\":\"en-GB\"},{\"@type\":[\"WebPage\",\"FAQPage\"],\"@id\":\"https:\/\/legalvision.co.uk\/data-privacy-it\/three-major-gdpr-challenges\/\",\"url\":\"https:\/\/legalvision.co.uk\/data-privacy-it\/three-major-gdpr-challenges\/\",\"name\":\"Three Major Challenges Companies Face With the GDPR | LegalVision UK\",\"isPartOf\":{\"@id\":\"https:\/\/legalvision.co.uk\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/legalvision.co.uk\/data-privacy-it\/three-major-gdpr-challenges\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/legalvision.co.uk\/data-privacy-it\/three-major-gdpr-challenges\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/img.legalvision.com.au\/wp-content\/uploads\/sites\/4\/2022\/05\/24121740\/business-image-052296.jpg\",\"datePublished\":\"2022-07-29T01:57:13+00:00\",\"dateModified\":\"2024-05-15T05:24:48+00:00\",\"author\":{\"@id\":\"https:\/\/legalvision.co.uk\/#\/schema\/person\/46d22f7d1b4ba321fe5b1cdc648cc5d2\"},\"description\":\"This article explores the three major challenges companies will face complying with the GDPR and how they can overcome them.\",\"breadcrumb\":{\"@id\":\"https:\/\/legalvision.co.uk\/data-privacy-it\/three-major-gdpr-challenges\/#breadcrumb\"},\"mainEntity\":[{\"@id\":\"https:\/\/legalvision.co.uk\/data-privacy-it\/three-major-gdpr-challenges\/#faq-question-1659058338662\"},{\"@id\":\"https:\/\/legalvision.co.uk\/data-privacy-it\/three-major-gdpr-challenges\/#faq-question-1659058353009\"}],\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/legalvision.co.uk\/data-privacy-it\/three-major-gdpr-challenges\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/legalvision.co.uk\/data-privacy-it\/three-major-gdpr-challenges\/#primaryimage\",\"url\":\"https:\/\/img.legalvision.com.au\/wp-content\/uploads\/sites\/4\/2022\/05\/24121740\/business-image-052296.jpg\",\"contentUrl\":\"https:\/\/img.legalvision.com.au\/wp-content\/uploads\/sites\/4\/2022\/05\/24121740\/business-image-052296.jpg\",\"width\":1066,\"height\":711,\"caption\":\"Variation of Contract: Legal Guidelines for Small Businesses | LegalVision UK\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/legalvision.co.uk\/data-privacy-it\/three-major-gdpr-challenges\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/legalvision.co.uk\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Data, Privacy and IT Articles\",\"item\":\"https:\/\/legalvision.co.uk\/category\/data-privacy-it\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Three Major Challenges Companies Face in England Under the GDPR\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/legalvision.co.uk\/#website\",\"url\":\"https:\/\/legalvision.co.uk\/\",\"name\":\"LegalVision UK\",\"description\":\"LegalVision is a commercial law firm in the UK with a commitment to innovation\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/legalvision.co.uk\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/legalvision.co.uk\/#\/schema\/person\/46d22f7d1b4ba321fe5b1cdc648cc5d2\",\"name\":\"Thomas Sutherland\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/legalvision.co.uk\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/legalvision.co.uk\/wp-content\/uploads\/sites\/4\/2022\/05\/cropped-Thomas-Sutherland-96x96.jpg\",\"contentUrl\":\"https:\/\/legalvision.co.uk\/wp-content\/uploads\/sites\/4\/2022\/05\/cropped-Thomas-Sutherland-96x96.jpg\",\"caption\":\"Thomas Sutherland\"},\"description\":\"Tom is an Expert Legal Contributor for LegalVision. He has particular expertise in Commercial and Employment litigation, as well as data protection and privacy regulations. He is a qualified Solicitor in England and Wales and has a decade of legal experience, including advocacy within civil courts and Tribunals. Tom specialises in civil and employment litigation. He has extensive experience in advising employers and companies as to the requirements of employment law and data protection rules, as well as day-to-day advice on smooth running from a commercial perspective. Qualifications: Professional Skills Course - Law, University of Law; Legal Practice Course - Law, College of Law; Bachelor of Laws, University of Southampton.\",\"sameAs\":[\"https:\/\/www.linkedin.com\/in\/tom-sutherland-72b4509b\/\"],\"url\":\"https:\/\/legalvision.co.uk\/author\/thomassutherland\/\"},{\"@type\":\"Question\",\"@id\":\"https:\/\/legalvision.co.uk\/data-privacy-it\/three-major-gdpr-challenges\/#faq-question-1659058338662\",\"name\":\"Would employing a Data Protection Officer (DPO) help my business comply with the GDPR?\",\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"A Data Protection Officer can help your organisation handle SARs and other GDPR-related tasks and avoid unintentional data protection breaches. However, it is essential to note that, to be effective, a DPO should be given free rein to monitor the company's data and make recommendations to improve cyber security.\",\"inLanguage\":\"en-GB\"},\"inLanguage\":\"en-GB\"},{\"@type\":\"Question\",\"@id\":\"https:\/\/legalvision.co.uk\/data-privacy-it\/three-major-gdpr-challenges\/#faq-question-1659058353009\",\"name\":\"Why does my company have to report a relevant personal data breach to the ICO?\",\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"You must report breaches as the ICO is the enforcing body that investigates data breaches under GDPR, whether due to unintentional failure to follow due process or further to a cyber attack. Likewise, the ICO can advise your business on follow-up actions. However, they may also issue a fine if they feel your organisation should have acted differently before the data breach.\",\"inLanguage\":\"en-GB\"},\"inLanguage\":\"en-GB\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Three Major Challenges Companies Face With the GDPR | LegalVision UK","description":"This article explores the three major challenges companies will face complying with the GDPR and how they can overcome them.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/legalvision.co.uk\/data-privacy-it\/three-major-gdpr-challenges\/","og_locale":"en_GB","og_type":"article","og_title":"Three Major Challenges Companies Face With the GDPR | LegalVision UK","og_description":"This article explores the three major challenges companies will face complying with the GDPR and how they can overcome them.","og_url":"https:\/\/legalvision.co.uk\/data-privacy-it\/three-major-gdpr-challenges\/","og_site_name":"LegalVision UK","article_publisher":"https:\/\/www.facebook.com\/LegalVision","article_published_time":"2022-07-29T01:57:13+00:00","article_modified_time":"2024-05-15T05:24:48+00:00","og_image":[{"width":1066,"height":711,"url":"https:\/\/img.legalvision.com.au\/wp-content\/uploads\/sites\/4\/2022\/05\/24121740\/business-image-052296.jpg","type":"image\/jpeg"}],"author":"Thomas Sutherland","twitter_card":"summary_large_image","twitter_creator":"@LegalVision_law","twitter_site":"@LegalVision_law","twitter_misc":{"Written by":"Thomas Sutherland","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/legalvision.co.uk\/data-privacy-it\/three-major-gdpr-challenges\/#article","isPartOf":{"@id":"https:\/\/legalvision.co.uk\/data-privacy-it\/three-major-gdpr-challenges\/"},"author":{"name":"Thomas Sutherland","@id":"https:\/\/legalvision.co.uk\/#\/schema\/person\/46d22f7d1b4ba321fe5b1cdc648cc5d2"},"headline":"Three Major Challenges Companies Face in England Under the GDPR","datePublished":"2022-07-29T01:57:13+00:00","dateModified":"2024-05-15T05:24:48+00:00","mainEntityOfPage":{"@id":"https:\/\/legalvision.co.uk\/data-privacy-it\/three-major-gdpr-challenges\/"},"wordCount":783,"image":{"@id":"https:\/\/legalvision.co.uk\/data-privacy-it\/three-major-gdpr-challenges\/#primaryimage"},"thumbnailUrl":"https:\/\/img.legalvision.com.au\/wp-content\/uploads\/sites\/4\/2022\/05\/24121740\/business-image-052296.jpg","keywords":["small business","medium business","data privacy","gdpr complicance"],"articleSection":["Data, Privacy and IT Articles"],"inLanguage":"en-GB"},{"@type":["WebPage","FAQPage"],"@id":"https:\/\/legalvision.co.uk\/data-privacy-it\/three-major-gdpr-challenges\/","url":"https:\/\/legalvision.co.uk\/data-privacy-it\/three-major-gdpr-challenges\/","name":"Three Major Challenges Companies Face With the GDPR | LegalVision UK","isPartOf":{"@id":"https:\/\/legalvision.co.uk\/#website"},"primaryImageOfPage":{"@id":"https:\/\/legalvision.co.uk\/data-privacy-it\/three-major-gdpr-challenges\/#primaryimage"},"image":{"@id":"https:\/\/legalvision.co.uk\/data-privacy-it\/three-major-gdpr-challenges\/#primaryimage"},"thumbnailUrl":"https:\/\/img.legalvision.com.au\/wp-content\/uploads\/sites\/4\/2022\/05\/24121740\/business-image-052296.jpg","datePublished":"2022-07-29T01:57:13+00:00","dateModified":"2024-05-15T05:24:48+00:00","author":{"@id":"https:\/\/legalvision.co.uk\/#\/schema\/person\/46d22f7d1b4ba321fe5b1cdc648cc5d2"},"description":"This article explores the three major challenges companies will face complying with the GDPR and how they can overcome them.","breadcrumb":{"@id":"https:\/\/legalvision.co.uk\/data-privacy-it\/three-major-gdpr-challenges\/#breadcrumb"},"mainEntity":[{"@id":"https:\/\/legalvision.co.uk\/data-privacy-it\/three-major-gdpr-challenges\/#faq-question-1659058338662"},{"@id":"https:\/\/legalvision.co.uk\/data-privacy-it\/three-major-gdpr-challenges\/#faq-question-1659058353009"}],"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/legalvision.co.uk\/data-privacy-it\/three-major-gdpr-challenges\/"]}]},{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/legalvision.co.uk\/data-privacy-it\/three-major-gdpr-challenges\/#primaryimage","url":"https:\/\/img.legalvision.com.au\/wp-content\/uploads\/sites\/4\/2022\/05\/24121740\/business-image-052296.jpg","contentUrl":"https:\/\/img.legalvision.com.au\/wp-content\/uploads\/sites\/4\/2022\/05\/24121740\/business-image-052296.jpg","width":1066,"height":711,"caption":"Variation of Contract: Legal Guidelines for Small Businesses | LegalVision UK"},{"@type":"BreadcrumbList","@id":"https:\/\/legalvision.co.uk\/data-privacy-it\/three-major-gdpr-challenges\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/legalvision.co.uk\/"},{"@type":"ListItem","position":2,"name":"Data, Privacy and IT Articles","item":"https:\/\/legalvision.co.uk\/category\/data-privacy-it\/"},{"@type":"ListItem","position":3,"name":"Three Major Challenges Companies Face in England Under the GDPR"}]},{"@type":"WebSite","@id":"https:\/\/legalvision.co.uk\/#website","url":"https:\/\/legalvision.co.uk\/","name":"LegalVision UK","description":"LegalVision is a commercial law firm in the UK with a commitment to innovation","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/legalvision.co.uk\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-GB"},{"@type":"Person","@id":"https:\/\/legalvision.co.uk\/#\/schema\/person\/46d22f7d1b4ba321fe5b1cdc648cc5d2","name":"Thomas Sutherland","image":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/legalvision.co.uk\/#\/schema\/person\/image\/","url":"https:\/\/legalvision.co.uk\/wp-content\/uploads\/sites\/4\/2022\/05\/cropped-Thomas-Sutherland-96x96.jpg","contentUrl":"https:\/\/legalvision.co.uk\/wp-content\/uploads\/sites\/4\/2022\/05\/cropped-Thomas-Sutherland-96x96.jpg","caption":"Thomas Sutherland"},"description":"Tom is an Expert Legal Contributor for LegalVision. He has particular expertise in Commercial and Employment litigation, as well as data protection and privacy regulations. He is a qualified Solicitor in England and Wales and has a decade of legal experience, including advocacy within civil courts and Tribunals. Tom specialises in civil and employment litigation. He has extensive experience in advising employers and companies as to the requirements of employment law and data protection rules, as well as day-to-day advice on smooth running from a commercial perspective. Qualifications: Professional Skills Course - Law, University of Law; Legal Practice Course - Law, College of Law; Bachelor of Laws, University of Southampton.","sameAs":["https:\/\/www.linkedin.com\/in\/tom-sutherland-72b4509b\/"],"url":"https:\/\/legalvision.co.uk\/author\/thomassutherland\/"},{"@type":"Question","@id":"https:\/\/legalvision.co.uk\/data-privacy-it\/three-major-gdpr-challenges\/#faq-question-1659058338662","name":"Would employing a Data Protection Officer (DPO) help my business comply with the GDPR?","acceptedAnswer":{"@type":"Answer","text":"A Data Protection Officer can help your organisation handle SARs and other GDPR-related tasks and avoid unintentional data protection breaches. However, it is essential to note that, to be effective, a DPO should be given free rein to monitor the company's data and make recommendations to improve cyber security.","inLanguage":"en-GB"},"inLanguage":"en-GB"},{"@type":"Question","@id":"https:\/\/legalvision.co.uk\/data-privacy-it\/three-major-gdpr-challenges\/#faq-question-1659058353009","name":"Why does my company have to report a relevant personal data breach to the ICO?","acceptedAnswer":{"@type":"Answer","text":"You must report breaches as the ICO is the enforcing body that investigates data breaches under GDPR, whether due to unintentional failure to follow due process or further to a cyber attack. Likewise, the ICO can advise your business on follow-up actions. However, they may also issue a fine if they feel your organisation should have acted differently before the data breach.","inLanguage":"en-GB"},"inLanguage":"en-GB"}]}},"_links":{"self":[{"href":"https:\/\/legalvision.co.uk\/api\/wp\/v2\/posts\/173046","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/legalvision.co.uk\/api\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/legalvision.co.uk\/api\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/legalvision.co.uk\/api\/wp\/v2\/users\/13349"}],"replies":[{"embeddable":true,"href":"https:\/\/legalvision.co.uk\/api\/wp\/v2\/comments?post=173046"}],"version-history":[{"count":27,"href":"https:\/\/legalvision.co.uk\/api\/wp\/v2\/posts\/173046\/revisions"}],"predecessor-version":[{"id":187944,"href":"https:\/\/legalvision.co.uk\/api\/wp\/v2\/posts\/173046\/revisions\/187944"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/legalvision.co.uk\/api\/wp\/v2\/media\/3155"}],"wp:attachment":[{"href":"https:\/\/legalvision.co.uk\/api\/wp\/v2\/media?parent=173046"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/legalvision.co.uk\/api\/wp\/v2\/categories?post=173046"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/legalvision.co.uk\/api\/wp\/v2\/tags?post=173046"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}