General Data Protection Regulation (GDPR) Made Simple

This free guide aims to help pension schemes become fully compliant with the EU’s General Data Protection Regulation (GDPR) by the deadline of 25 May 2018. GDPR will completely change the landscape within which substantial processors of data – of which pension schemes are a prime example – operate. There will be no ‘phasing in’ period and the repercussions for non-compliance can be severe, with potential fines of up to €20 million (or 4% of global annual group turnover if greater) in the event of a breach. The guide provides; a glossary of data terms essential to understanding the new regulations; a suggested timeline for GDPR readiness; and a comprehensive list of steps for trustees to take, including key considerations, explanations of the regulatory requirements, and suggested means of implementing them.

The guide is written and sponsored by Herbert Smith Freehills LLP and independently reviewed by the Pensions and Lifetime Savings Association.