On the 25th May 2018, the General Data Protection Regulation (GDPR) will apply to organisations holding personal data across all 28 EU countries and those servicing these 28 countries. In this blog we want to share what we have found out about the GDPR, along with links to resources to help your business make the changes you need.
The aim of the GDPR is to protect all EU citizens from privacy and data breaches; it applies to all companies processing personal data of people living in the EU. As the UK will still be a member of the EU in May 2018, we will be adopting the new regulation. Changes will need to be made to policies around personal data to become compliant, as the penalties for infractions are high.
The Information Commissioner’s Office (ICO) for the UK have suggested that if you are complying properly with the Data Protection Act, you can use your current practices as a starting point to build from. New elements have been added and enhancements made to areas such as consent. The ICO have released 12 steps to take now, which explain the key issues of the GDPR and help companies start to think about the changes (see image below for the 12 steps).
ICO – General Data Protection Regulations – 12 Steps to take now
In the report, each step is explained and links are provided where more detail is available. This applies to step 3, where the ICO have published notes on privacy, transparency and control, and to step 10, where there is a code for carrying out a privacy impact assessment (PIA). Through this process, the ICO have pledged to relay guidance for the regulations and tools, either from themselves or from external parties.
Preparing by planning how the GDPR will affect your business is important, with the penalties being a substantial sum. Working out exactly what parts of the regulation will impact your processes will allow you time to make the changes needed. Here at I-Pro, we will be making sure we comply with the new changes and keeping an eye on when the guidance is released for each part of the new regulation.
To read more about the GDPR, see below for our information sources and the useful links we found through the research for this blog.
References & Useful Links
1. ICO – Preparing for the General Data Protection Regulation (GDPR) – 12 steps to take now
2. ICO – Guidance: what to expect and when
3. ICO – Privacy notices, transparency and control
4. TTG Media Advisor: Keeping up-to-date with the personal data reforms
5. The EU General Data Protection Regulation