Covid-19 : Business as usual - read more

Online CRS Reporting Service Status : Operating Normally

Online FATCA Reporting Service Status : Operating Normally

Flyingboat News

GDPR and the Channel Islands

Jun 1, 2017

GDPR (General Data Protection Regulation) is one of the latest acronyms to cause angst amongst business owners and managers and there is no doubt that it will have an impact on just about every business that has a computer and records real people’s personal details – so that just about includes every business!

Whilst GDPR is European Union (EU) legislation the Guernsey & Jersey perspective as a minimum is that if you handle personal data for EU residents then you will certainly need to pay attention. The Governments of Guernsey and Jersey have made the decision to incorporate the GDPR into local law effective at the same time – May 2018.

A number of misconceptions exist about GDPR and a number of IT businesses are pushing GDPR “solutions” as though it is an IT problem with a solution that is a product or service. The reality is that GDPR is a business issue with an IT dimension. It is about policy & procedure and these are matters for the board to decide upon and implement a GDPR compliant data management and processing regime within the business. IT has a role in the implementation and with technical matters to safeguard data and manage data through its lifecycle in the business.

In the Channel Islands Emma Martins is the Data Protection Commissioner for Guernsey and the Information Commissioner for Jersey – yes we have a joined up approach! Recently the combined offices for data protection have launched an excellent new website www.thinkgdpr.org which is a resource tailored specifically for the Channel Islands. For an impartial view of what you need to know and consider, it is excellent. It's packed with helpful resources, documents links and videos - it is an excellent starting point and they promise to update it as the local legislation is enacted.

We are helping clients understand what data they have, where it is stored and advising on aspects of IT security as appropriate to the business in the context of the wider measures for the business to be GDPR compliant.

Alan Rowe
Director
1st June 2017