The Retailer SUMMER 16_v7

risks and security

Fines It is obvious that where data is not appropriately secured, loss or unauthorised access is much more likely to occur and according to the ICO, a significant number of the monetary penalties issued in the past 5 years relate to the failure to use encryption correctly as a technical security measure. This can mean fines of up to £500,000 which will rise to €20 million or even higher, being a percentage of worldwide turnover, from 2018 under the European General Data Protection Regulation (‘GDPR’). Even if the UK is no longer part of the EU by this point, if retailers want to sell to customers in the EU and EU citizens data is being stored, the GDPR will apply. With the risk of significant damage to reputation, if a retailer does not store personal data securely, we anticipate a greater use of encryption over the coming years.

“With the risk of significant damage to reputation, if a retailer does not store personal data securely, we anticipate a greater use of encryption over the coming years.”

KIMWALKER // kim.walker@irwinmitchell.com // www.irwinmitchell.com

retailer | summer 2016 | 31