General Data Protection Regulation (GDPR)

New rules relating to how we collect and process personal data - the EU General Data Protection Regulation (GDPR) - will come into effect in the UK from 25 May 2018.

What is GDPR?

The GDPR is Europe's new framework for data protection laws. It replaces the previous 1995 data protection directive, which current UK law is based upon.

The new regulation starts on 25 May 2018. It will be enforced by the Information Commissioner's Office (ICO).

The Government has confirmed that the UK's decision to leave the European Union will not alter this.

What do I have to do now?

Many of the GDPR’s main concepts and principles are much the same as those in the current Data Protection Act (DPA). If you are complying properly with the current law then most of your approach to compliance will remain valid under the GDPR and can be the starting point to build from. However, there are new elements and significant enhancements, so you will have to do some things for the first time and some things differently.

(Source: LGA  - www.local.gov.uk/our-support/general-data-protection-regulation-gdpr)

Useful Links

Websites

• www.eugdpr.org
• ico.org.uk

Webpages

• GDPR Factsheet – on our website
• Getting ready for the GDPR checklist - on the ICO website
• Summary of Legislation – on the EU website
• Know your GDPR – on the Sage website
• GDPR – on the Iris website

Documents

• Twelve steps to take now - on the ICO website
• Guide to the GDPR - on the ICO website

Media

• Money Box Live: GDPR and What It Means For You (audio) – on the Radio 4 website

Articles

• What is GDPR? The need-to-know guide
• What Is General Data Protection Regulation?

News