Client feedback

Alex has helped in our dealings with other advisers using his experience of other schemes.
Angela Clayton ,
Accent Group
Wish I'd had the opportunity to do the Trustee training course sooner!
Stuart Atkins,
Raleigh UK Ltd
Very happy with PSGS as an organisation and that opinion is derived from the performance of those that represent them.
Sean Hoyle,
Wightlink
So much more proactive than the previous company. On the ball - thinking in advance of things needing doing - very proactive.
Paul Rudd ,
Chairman of Trustees, Express Newspaper
Expertise - independent - takes the strain off.
Kelly White,
Tussauds
PSGS have provided sound and professional advice through a number of difficult pension decisions – would thoroughly recommend.
George Batho ,
HR Director, Linde Material Handling

Leave or remain, new EU data protection laws may be with us either way

Topic:

Legal & governance

Date published:

Thursday, 24 March 2016

Author:

Gillian Graham

Image of Gillian Graham, Client Director

The long awaited General Data Protection Regulation (GDPR) has finally been agreed in principle, with regulations expected around June 2016.

As it applies directly to EU Member States, national legislation isn’t needed. Fortunately, we have two years to comply. Saying that, we all know how quickly a couple of years go by so pension trustees should get up to speed on the new regulations sooner rather than later.

What do pension trustees need to do?

The Information Commissioner has just issued a handy checklist of 12 steps you can take now to prepare for the GDPR. You can find at: http://dpreform.org.uk/preparing-for-the-gdpr-12-steps-to-take-now/

You’ll need to make sure your pension administrator, scheme actuary and other pension providers are making the right preparations too. With new sanctions for breaches – which include fines of up to 4% of annual worldwide turnover – it is in nobody’s interests to get their preparations wrong. The maximum fine for non-compliance could apply to data being sent overseas, so pension trustees with US parent companies need to be particularly careful following the recent collapse of the ‘Safe Harbor’ arrangements relating to the transfer of data between the UK and the US. A new arrangement known as the ‘EU/US Privacy Shield’ is currently being agreed, but is not in place yet.

With new obligations on data processors and new requirements regarding accountability, breach reporting and demonstrating compliance, pension trustees should review policies and procedures early to avoid being caught out. If your pension scheme doesn’t already have one, a clear framework of accountability will be a must.

What about the EU referendum?

If we wake up on 24 June 2016 to find the UK has voted to leave the EU, the new requirements may still apply to some schemes and businesses in the pension industry. The GDPR has broader scope than its predecessor, covering both EU-based entities and those established outside the EU where data processing involves EU data subjects.

As with all things related to a potential Brexit, data protection will form part of the all important exit negotiations, if they’re needed…

 

 

Back to opinions

 

Hot topics

PSGS & 20-20 Trustees merge to form Vidett
Hot Topic

Punter Southall Governance Services (PSGS) & 20-20 Trustees (20-20) have today announced they...

Read more »

Don’t be surprised that your gilt funds are being treated like an emerging market
Image of Hot Topic author Sophia Harrison, Client Director

You may have seen or heard about the article in the Financial Times about how Insight...

Read more »

More opinions »

Call: 0118 207 2900

online enquiry