Data Protection & GDPR
On May 25th 2018 the UK’s data protection laws changed.
It’s true that the changes being brought in are far-reaching and come with a much tougher compliance regime.
However, we believe most businesses will be able to significantly reduce the risk of data breaches by themselves by taking a proactive approach.
The big one everyone is taking about is the General Data Protection Regulation (GDPR), but there’s also a new UK Data Protection ct, and some new rules on E-privacy. Much of this legislation takes effect in May 2018.
There’s lots of misinformation circulating about the new data protection laws. At Harrison Drury, we believe in giving our clients the facts and letting them decide how much support they need to comply with the new laws.
The Information Commissioner’s Office (ICO), which is the regulator overseeing the new legislation have outlined 12 measures that organisations should take in order to ensure they comply:
- Awareness
- Information you hold
- Communicating privacy information
- Individuals’ rights
- Subject access requests (SAR’s)
- Lawful basis for processing personal data
- Consent
- Children
- Data breaches
- Data Protection by Design and Data Protection Impact Assessments
- Data Protection Officers
- International