The UK Supreme Court has handed down its judgment in the case of a claim brought against Morrisons supermarkets by various former and current employees. The claim relates to a data breach which occurred in 2014.
The GDPR introduces the concept of accountability. Governance under the GDPR must be transparent. Data controllers and processors must put in place comprehensive but proportionate systems of governance.
The GDPR comes into force in the UK on 25 May 2018. It replaces the Data Protection Act 1998. It applies to data processors within the EU and also to organisations outside the EU who sell goods and services into the EU.
It is now increasingly common for the news to contain stories of significant data losses. These are both embarrassing for the organisation concerned and potentially extremely expensive to sort out.
