Everyone is talking about it but what exactly is it……?
General Data Protection Regulation (GDPR) will replace the UK Data Protection Act 1998 and will come into force on 25 May 2018. Its main aim is to put personal data back in the hands of the individual and ensure that organisations are clear and transparent about how they handle personal data.
In a brief, the key elements are that:
-Companies will be more accountable for their handling of personal data
-Individuals will have more power to access the information that is held about them
-The regulators have the power to fine businesses that don’t comply with GDPR
Every business is different, so whilst GDPR will affect businesses both big and small, it is important to understand how it will affect your business, what action needs to be taken and by whom. Some companies will already have a lot of good practices in place whilst others may need to make some big changes. The important thing is to make sure that your business is compliant.
GDPR is regulated by The Information Commisioner’s Office (ICO) and their latest advice and guidance can be found here
Here you can see useful guides including “Preparing for the General Data Protection Regulation (GDPR) 12 steps to take now”
Other useful links