The Data Protection Act is Changing.
The Data Protection Act 1998 is being updated and you need to prepare for the General Data Protection Regulation (GDPR) which will be introduced in mid 2018. By getting prepared you and your business will avoid any nasty surprises. With many of GDPR’s concepts and principles being the same as the existing Data Protection Act (DPA), if you are complying now a lot of your processes will remain the same, and you can build on what you have in place to adhere to the GDPR.
In brief, the GDPR is more stringent and will change the way that can collect, use and transfer personal data. You will need to know where data is stored, be able to access it and potentially alter the way it’s collected. Subject access requests will need to be processed more quickly, and any information to be provided in a clear and concise manner. In addition, subjects will have a ‘right to be forgotten’ by a company, and in that case you would need to ensure complete data erasure.
The GDPR was agreed in Brussels in 2015, and is an EU regulation; the recent referendum result has therefore brought confusion to the fore. If the UK is not in the EU, do we still need to follow the new regulations? The answer is potentially yes. If a UK business offers services to EU citizens, regardless of where the data is held, the GDPR will need to be complied with. The timing is also key here, as the GDPR is expected to come into force before the UK leaves the EU. During the period where the UK is still in the EU, the regulations must be complied with, so companies will need to prepare for the change regardless. The Information Commissioner’s Office (ICO) will be discussing Brexit and its impact on the data protection law with the UK government in the coming weeks.
This is a change that not everyone is aware of, and a fifth of UK companies don’t understand the requirements. As the services provided by ITADwise are so vital to protecting data, whether it’s under the DPA or GDPR, we want help you and your businesses prepare for the change. We will be bringing you a series of articles detailing steps that you can take to prepare for the change. Don’t risk a fine for non-compliance.