Data protection law in the United Kingdom is undergoing a time of considerable turmoil. Despite the United Kingdom’s exit from the European Union, EU institutions reported in February of this year that the country’s data privacy standards are still fairly similar to those of other EU member states.
The risks of improperly managing a privacy breach are high, but unfortunately not uncommon. A data breach puts immense pressure on a company to complete a lengthy and at times ambiguous to-do list of GDPR requirements which often takes up too much of the precious 72h time window allowed for reporting.
Widely-processed personal data in the contemporary world requires new assessments of the rules to accurately protect rights and freedoms of the individuals. The General Data Protection Regulation 2016/679 (GDPR), implemented in May 2018, led to a greater harmonisation of privacy rules in European Union.