The General Data Protection Regulation (GDPR)

 

‘What on earth is the GDPR?’ I hear you holla…

Well it’s short for the ‘General Data Protection Regulation’. This is the new regulation from the European Commission to replace the Data Protection Directive. It has taken four years for this to be approved, with thousands of changes requested from all member states. It is thought that the GDPR provides a harmonization of data protection regulations throughout EU.

This regulation enforces the control of personal data for both clients and employees alike and carries penalties of up to 4% company-wide annual turnover, rather than the pre-existing £500,000 cap for non-compliance. From the launch in spring this year, we have been given a two year transition period to conform and practice the GDPR. It will apply from 25th May 2018; this may sound like a long time but the changes we need to have in place will take most organisations and practices two years to implement. Every company must now be responsible and accountable if we are processing/storing the personal information of any EU citizen. Personal information includes addresses, NI numbers, copies of passports etc. and any information relating to the individual.


GDPR Articles and Tools


ICO Documents