Data protection laws aim to protect the privacy of individuals whilst giving businesses the right to use that data. But our previous Data Protection Directive dates from 1995 – so was set in a different technological context to today’s world. Many tools and devices that are commonly used today (such as smartphones, fitness trackers, sat navs) did not exist when the first Directive was written.
Therefore, on 25 May 2018, a new regulation, the General Data Protection Regulation (GDPR), will replace the previous directive. The GDPR will apply to all organisations that are based in, or do business in, the EU, irrespective of their size or sector. It aims to replace the different data protection laws and reporting requirements across Europe with a single set of data protection regulations which will apply to all EU member states in the same way.
Even though the UK has voted to leave the EU, we will still be a member in May 2018, and therefore must comply until such time as we do leave. So, we need to be taking steps now to ensure that we will be compliant in a year’s time. Because the processing of personal data is an integral part of many business activities, the scale of the task should not be underestimated.
In this webinar we go through the main changes and a suggested action plan of things to consider.