Data Protection Act

The Data Protection Act 2018 (DPA) has received Royal Assent and came into force on Friday 25 May 2018, repealing the previous Data Protection Act 1998. The Information Commissioner, Elizabeth Denham has said that the DPA “will put in place one of the final pieces of much needed data protection reform. Effective, modern data protection laws with robust safeguards are central to securing the public’s trust and confidence in the use of personal information within the digital economy, the delivery of public services and the fight against crime”.

The new Act has been drafted to ensure that we will be able to exchange personal data with the EU freely, after Brexit. The General Data Protection Regulation 2018 (GDPR) is an EU regulation which should be read alongside the DPA. The majority of core principles under the DPA and GDPR are the same, however the DPA contains tailored provisions for how the law is to be applied specifically within the UK. For example, there are provisions which apply to intelligence services within the UK. There are also provisions which deal with processing in relation to immigration and other elements of the GDPR which UK national law requires expansion on.

The new legislation imposes obligations on those who process and control data, to be compliant with the law. As of 25 May 2018 data controllers and processors are expected to be, or have proof that they are working towards being, GDPR/DPA compliant. This is particularly important because the DPA has granted the Information Commissioner’s Office (ICO), heightened powers of enforcement. The maximum penalty has been increased in the UK for data breaches and failure to comply. Organisations can now be fined up to £17 million or 4% of their global turnover, whichever is higher. The revision of data protection offences in comparison to the previous DPA, instils a more contemporary approach to the modern realities of data protection, in the hope that it will deter organisations from being careless or reckless with data. How strictly and stringently the ICO will be in exercising their heightened powers however, remains to be seen.

We have developed a number of useful guides and tools to help you and your business maintain GDPR compliance. If you would like further information regarding this, please contact us. 


If you would like more information or advice relating to this article or an Employment law matter, please do not hesitate to contact Chris Cook on 01727 798089.

Read SA Law's latest employment views & insights
Stained glass window Employment SA Law
Views & Insights
How UK businesses should prepare for incoming IR35 rules

With less than 12 months until the IR35 changes come into force, Chris Cook outlines how businesses in the UK can prepare to avoid falling foul of the…

Photo of a red arrow SA Law
Views & Insights
Digital Disruption: How to think disruptively for greater business success

SA Law’s recent event looked at a topic on many people’s minds: What is ‘digital disruption’, and should I be applying it to my organisation?

SA Law Red Mug Coffee
Views & Insights
Building the wellbeing workplace: how to ensure your employees are healthy and happy

SA Law’s recent HR forum discussed how wellbeing in the workplace has become critical strategy for employers.

GDPR Numbers Image SA Law
Views & Insights
GDPR one year on

Subject access requests and complaints have been commonplace since the GDPR came into effect. Find out more about the trends and traps.

Stained glass window Employment SA Law
Views & Insights
Proposed changes to NDA rules 'not enough to end workplace harassment'

Partner Keely Rushmore comments in People Management about the government's announcement.

Stained glass window Employment SA Law
Views & Insights
Smart Exits: Protected Conversations and Termination Payments

Chris Cook addresses the most appropriate ways of reaching a settlement when managing an employee's exit from a company.

Stained glass window
Views & Insights
I'm facing redundancy, what should I do?

A redundancy process is undoubtedly an unpleasant thing to go through, understanding your rights can make things significantly easier.

Join our mailing list

Want our latest views & insight along with exclusive event invitations and much more sent directly to you?

© SA LAW 2019

Every care is taken in the preparation of our articles. However, no responsibility can be accepted to any person who acts on the basis of information contained in them alone. You are recommended to obtain specific advice in respect of individual cases.