Replacing the Data Protection Act (1998) on the 25th May 2018, the General Data Protection Regulation (GDPR) is being introduced to deal with the changes in technology and data protection in the EU over the last couple of decades. When the Data Protection Act began, this was the same year that Google was introduced. It would be another 6 before Facebook and 8 before Twitter arrived.
During this time regulations have not been changed to deal with the large amount of personal data that is now used and stored by businesses online; or can be searched for and easily found on social media. In the construction industry a lot of personal data is stored during the short-term hiring of contractors. Contractor management is the temporary hiring of contractors for their own specific skills and experience and often requires sufficient contractor orientation and the collection of personal data before work begins.
This article goes on to look at the current problems with data protection, concentrating on difficulties in the construction industry, but also looking at the new regulations that every industry will be expected to stick to. Some of these regulations include:
- Only keeping personal data for the time it is required
- Only using personal data for the purpose mentioned
- Only requesting the data that is needed
- The requirement for larger businesses to hire a Data Protection Officer
Also, the importance of always asking the question:
Do we have your agreement to use these private details for the specific purpose(s) discussed?
Comparing new forms of data storage to traditional methods, we will go on to discuss why it is so important for industries to introduce digital technology, but also the new problems that have to be researched and understood. This is especially important to meet these new, stricter standards.
If there is someone you’d like to contact for further information in the country you live, this article provides contact details for a number of countries in the EU. More information can be found online at the website of the European Commissioner’s Office, listing 28 different European countries; revealing names, addresses, telephone numbers, e-mail and fax details of official data protection authorities:
The importance of understanding the GDPR can be seen by the requirement to contact the Data Protection Commissioner within 72 hours of a data breach, after first telling the person affected about the problem. If you don’t meet this deadline, fines of up to €20m could be placed.
It is worth reading this article for a short description of what the GDPR involves, problems these new standards could pose on the construction industry, different forms of data storage and data protection and new standards that are vital to apply to, along with contact details if you’d like to find out a bit more about how the GDPR will affect you in the country you live.