Rosalind Connor comments in Pensions Age on the challenges pension schemes face from GDPR and old data
The EU’s GDPR comes into effect on the 25th of May 2018 and will involve specific rules around the subject of personal information. This includes how it should be used and stored, when consent is necessary, how long companies and organisations can keep personal information and when one is able to prosecute in instances where the rules are breached.
It is important that pension schemes are aware of how GDPR affects them. For example, attendees need to be aware of what regulatory changes have on their existing data governance programme.
Rosalind Connor argued that a number of schemes are still delaying the necessary preparations for the regulation.
She explained that with Article 50 set to make Brexit official in just under a year and the Data Protection Bill passing through parliament, GDPR compliance is still compulsory in the UK.
“The regulation comes in automatically and its worth understanding that, because it means that it doesn’t really matter whether the Data Protection Bill becomes an act of parliament by the 25 May, it’s [GDPR] coming in anyway.”
Read Rosalind’s comments in Pensions Age
The views in this article are intended for general information purposes only and should not be used as a substitute for professional advice. Arc Pensions Law and the author(s) are not responsible for any direct or indirect result arising from any reliance placed on content, including any loss, and exclude liability to the full extent. Always seek appropriate legal advice from a suitably qualified lawyer before taking, or avoiding taking, any action. If you have any questions on the points raised in the above, please do not hesitate to get in touch.