book a meeting Search Search
brisbane

level 16, 324 queen st,
brisbane qld 4000
+61 7 3235 0400

dandenong

40-42 scott st,
dandenong vic 3175
+61 3 9794 2600

melbourne

level 7, 600 bourke st,
melbourne vic 3000
+61 3 8615 9900

sydney

level 21, 20 bond st,
sydney nsw 2000
+61 2 8298 9533

hello. we’re glad you’re
getting in touch.

Fill in form below, or simply call us on 1800 888 966

EU Privacy Changes and its impact on Australian business

17 May 2018
marcus hannah
Read Time 2 mins reading time

The regulatory landscape governing data privacy and protection across the world is set for a landmark change with the European Union’s General Data Protection Regulation (‘GDPR‘) coming into effect on 25 May 2018.

The GDPR will replace the data privacy standards currently in place in the European Union (‘EU‘) and aims to harmonise data protection laws across the EU, modernising standards to reflect the use of new technology and the growing practice of the creation and processing of personal data on the internet.

The GDPR will have application beyond the EU and will apply to all companies, regardless of location and size, that:

  • offer goods or services in the EU;
  • monitor the behaviour of residents of the EU; or
  • or process or hold the personal data of individuals based in the EU.

Personal data is defined broadly and will include any information that can be used to directly or indirectly identify an individual. This may include an individual’s name, email address, medical information or even a computer IP address.

Australian companies that fall within the reach of the GDPR will need to ensure they are adequately prepared. Compliance with the GDPR will require companies to adopt transparent data handling practices and meet certain standards when handling personal data. This will include obligations regarding the type of personal information that can be gathered, how personal information needs to be stored and protected and what organisations must do in the case of a data breach.

Unlike previous data protection laws, the GDPR also introduces direct liability for data processors, such as service providers who provide cloud based services.

The GDPR introduces unprecedented penalties for non-compliance. Fines can be up to €20 million or 4% of annual group turnover (whichever is greater) for serious infringements.

In the lead-up to the commencement of the GDPR, businesses should investigate whether they will be required to comply with the GDPR, and if so, take action immediately to ensure they are compliant by 25 May 2018.

If you have any queries regarding your company’s compliance with the GDPR, please contact us.

This article was written by Marcus Hannah, Senior Associate – Commercial. 

stay up to date with our news & insights

EU Privacy Changes and its impact on Australian business

17 May 2018
marcus hannah

The regulatory landscape governing data privacy and protection across the world is set for a landmark change with the European Union’s General Data Protection Regulation (‘GDPR‘) coming into effect on 25 May 2018.

The GDPR will replace the data privacy standards currently in place in the European Union (‘EU‘) and aims to harmonise data protection laws across the EU, modernising standards to reflect the use of new technology and the growing practice of the creation and processing of personal data on the internet.

The GDPR will have application beyond the EU and will apply to all companies, regardless of location and size, that:

  • offer goods or services in the EU;
  • monitor the behaviour of residents of the EU; or
  • or process or hold the personal data of individuals based in the EU.

Personal data is defined broadly and will include any information that can be used to directly or indirectly identify an individual. This may include an individual’s name, email address, medical information or even a computer IP address.

Australian companies that fall within the reach of the GDPR will need to ensure they are adequately prepared. Compliance with the GDPR will require companies to adopt transparent data handling practices and meet certain standards when handling personal data. This will include obligations regarding the type of personal information that can be gathered, how personal information needs to be stored and protected and what organisations must do in the case of a data breach.

Unlike previous data protection laws, the GDPR also introduces direct liability for data processors, such as service providers who provide cloud based services.

The GDPR introduces unprecedented penalties for non-compliance. Fines can be up to €20 million or 4% of annual group turnover (whichever is greater) for serious infringements.

In the lead-up to the commencement of the GDPR, businesses should investigate whether they will be required to comply with the GDPR, and if so, take action immediately to ensure they are compliant by 25 May 2018.

If you have any queries regarding your company’s compliance with the GDPR, please contact us.

This article was written by Marcus Hannah, Senior Associate – Commercial.