Pensions - Articles - PLSA launch simple guide to GDPR


The Pensions and Lifetime Savings Association (PLSA) today launched a new Made Simple Guide in partnership with Herbert Smith Freehills. The free guide aims to help pension schemes become fully compliant with the EU’s General Data Protection Regulation (GDPR) by the deadline of 25 May 2018.

 GDPR will completely change the landscape within which substantial processors of data – of which pension schemes are a prime example – operate. There will be no ‘phasing in’ period and the repercussions for non-compliance can be severe, with potential fines of up to €20 million (or 4% of global annual group turnover if greater) in the event of a breach.

 This free Made Simple Guide provides:
 A glossary of data terms essential to understanding the new regulations;
 A suggested timeline for GDPR readiness;
 A comprehensive list of steps for trustees to take including key considerations, explanations of the regulatory requirements, and suggested means of implementing them:
 Map your data flows and identify associated risks
 Determine on what grounds you will be processing data
 Appoint a Data Protection Officer (or justify not appointing one)
 Reassess how you engage with your membership
 Update policies and procedures
 Review and renegotiate third party agreements

 Nigel Peaple, Deputy Director for Defined Contribution, Lifetime Savings & Research, Pensions and Lifetime Savings Association, said: “The GDPR will have a substantial impact on our members and on other organisations within the financial sector.

 As a result of GDPR pension schemes can no longer take a reactive approach to data compliance, as was possible under the Data Protection Act 1998. Schemes will be required to design and implement systems on a proactive basis, to ensure that any processing activities are compliant and are backed up by good record-keeping.

 “As every action that a pension scheme undertakes involves the processing of data this is sure to be a mammoth task. GDPR's reforms, as supplemented by the provisions of the Data Protection Bill 2017, will impact every DB and DC scheme in the UK. We are very pleased that Herbert Smith Freehills were able to collaborate with us in the creation of this essential guide, and we are grateful for the hard work and expertise put in by their team.”

 Alison Brown, Global Head of Employment, Pensions and Incentives at Herbert Smith Freehills, said: “This Made Simple Guide looks to introduce and guide pension schemes through the vast, and often highly complex, data protection changes that will take effect in May 2018. There is a lot to do in order to ensure that a pension scheme is “GDPR ready” by 25 May 2018.

 “Our key message to schemes and their trustees is to be thorough, keep an eye on developments (there is a lot still to come) and, given the number of workstreams and necessary involvement of third parties, to make a start as soon as possible. We hope this guide helps schemes either begin to make necessary preparation for GDPR, or to plan next steps.”
  

Back to Index


Similar News to this Story

Wish list for the occupational pensions industry in 2025
As one year closes and another begins, it's an opportune moment to set our sights on the future. The UK occupational pensions industry faces nume
PSIG announces outcome of Consultation
The Pensions Scams Industry Group (PSIG), which was established in 2014 to help protect pension scheme members from scams, today announced the feedbac
Transfer values fell to a 12 month low during November
XPS Group’s Transfer Value Index reached a 12-month low, dropping to £151,000 during November 2024 before then recovering to its previous month-end po

Site Search

Exact   Any  

Latest Actuarial Jobs

Actuarial Login

Email
Password
 Jobseeker    Client
Reminder Logon

APA Sponsors

Actuarial Jobs & News Feeds

Jobs RSS News RSS

WikiActuary

Be the first to contribute to our definitive actuarial reference forum. Built by actuaries for actuaries.