Government announces new charging structure for Data Controllers
- By Paul Sullivan
The Government recently announced a new charging structure to fund the Information Commissioner’s Office (ICO) coinciding with the General Data Protection Regulation (GDPR) on 25 May 2018. In the meantime, organisations are still required to pay the current notification fee to the ICO.
Under the GDPR, the requirement for data controllers to pay the ICO a fee will be removed. Accordingly, the Government has proposed a new funding structure based on the relative risk to the data being processed.
The new model has three tiers, distinguished by a number of factors including size, turnover and whether an organisation is a public authority or charity.
- Tier 1: For smaller organisations, with an annual turnover of up to £632k or up to ten staff, the fee will be £40 per year (with a discount for direct debit to the current £35 level).
- Tier 2: For SMEs, with an annual turnover of up to £36 million or up to 250 staff, the annual fee will £60.
- Tier 3: For those organisations not following within Tiers 1 or 2 above, the fee will be £2,900 per annum on the basis that such organisations are likely to hold and process the largest volumes of data, and therefore represent a greater level of risk.
There will continue to be financial penalties for failing to pay ICO fees, but these will be in the form of civil monetary penalties rather than a criminal sanction.
What steps have you taken to ensure your business is GDPR ready?
For more information about this article, or any other aspect of our data privacy solutions, call Ferguson & Company now on 028 9032 2998. There is no charge for initial telephone advices.