…and other data know-how.
This week’s news that new data protection legislation will apply from September of this year introduced some hefty consequences for non-compliance, so it’s more important than ever to keep up to date with all things data.
And data will continue to be a hot topic for the next few months – the EU’s General Data Protection Regulations (GDPR) will be law in the UK from 25 May 2018. Although the UK is currently negotiating its departure from the EU, the withdrawal terms agreed will affect the extent to which we need to comply with its laws, so all businesses should begin to plan for it now as compliance will be required until the date the UK leaves the EU.
So, what can you do to be ready? If you’re a data processor, the GDPR imposes some direct obligations on you, so you’ll need to understand what they are and build them into your contracts and procedures. Organisations for which you process data will also need to be comfortable that your practices are compatible with the new regulations.
To help you prepare, we’ve listed 12 main areas you should become familiar with now so you’re up to speed when the new regulations come in.
Don’t forget to bookmark this page as a quick tool which takes you directly to the topics you need to know about.
All links take you directly to the Independent Commissioner’s Office (ICO) website – in the UK, the ICO is the authority responsible for upholding information rights in the public interest.
- Be aware of any new obligations https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/
- Know your accountability https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/accountability-and-governance/
- Informed consent https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/key-areas-to-consider/?q=consent
- Children https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/key-areas-to-consider/?q=children
- Lawful basis for processing https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/key-areas-to-consider/
- Privacy information https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/individuals-rights/the-right-to-be-informed/
- Individuals’ rights https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/individuals-rights/
- The right of access https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/individuals-rights/the-right-of-access/
- Data breaches https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/breach-notification/
- Data protection by design https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/accountability-and-governance/#dpbydesign
- Data protection officers https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/accountability-and-governance/?q=data+protection+officer
- Cross border transfers https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/transfer-of-data/
Source: https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/ accessed 02/08/2017.