Quote:
Originally Posted by jonbxx
Got some bad news about GPDR, it probably isn't going away - http://data.parliament.uk/DepositedP...nical_Note.pdf
GPDR is a pain but it is all about protecting our personal data. It's actually a huge benefit for multinational companies as there was a hodgepodge of different regulations across Europe before which made offshoring data a real pain. For example, my companies HR data was backed up in the US apart from data from Belgium and Germany. GPDR and the 'Adequacy framework' in GPDR let all data be centralised.
I understand that there is a burden for small business. However, how do you decide what small businesses, if any should GPDR apply to? Should it apply to a plumber with three employees? Maybe not. Should it apply to a lawyer writing wills as a sole trader? Probably yes. |
There is no problem in my book with legislation that protects personal data, but as usual, the EU makes that legislation so complicated and work intensive for all organisations, that it has proved a huge pain for businesses, particularly the smaller ones.
Why could they not simply set out the standards required rather than have each company write out specifically how they were going to comply with it? Instead of having everything set out clearly in the legislation, every company has had to replicate the same process. Do they think organisations have nothing better to do?
Hopefully, the UK will draft a law which is better understood and does not require so much bureaucracy once we leave the EU. We can surely achieve the objectives of the GDPR without taking the EU sledgehammer to crack the data protection nut.