This document will help you get ready for the implementation of the General Data Protection Regulation on 25 May 2018.
The European General Data Protection Regulation (GDPR) comes into force on 25 May 2018 and unlike the EU directive that it replaces, does not have to be signed into law by individual countries’ parliaments.
The UK government has indicated that it will apply to the UK regardless of Brexit. In any event, the regulation applies to the data of individuals within the EU so will impact all organisations with operations in the EU.
The regulation is intended to be about moving away from seeing the law as a box ticking exercise and instead working on a framework that can be used to build a culture of privacy that pervades the entire organisation.
It aims to create comprehensive but proportionate governance measures.