General Data Protection Regulation (GDPR)
Data protection regulations will be changing on 25th May this year (2018) and which will replace the current Data Protection Act of 1998. In a nutshell, as far as we can establish and there appears to be many conflicting interpretations of this new regulation, it will fundamentally affect the way conpanies control or process personal data. Some of you may have already heard all about GDPR and/or already have robust data protection policies in place. However, for those of you who don’t know, GDPR builds on existing policies and provides individuals with stronger rights to be; informed, to access information about them held on files somewhere, and stronger rights to be forgotten. Businesses will need to demonstrate they have procedures in place to ensure client/member data is only collected for specific purposes and held securely, and in addition, not used for longer than is necessary.
The Information Commissioner’s Office (ICO) has released help and guidance tailored specifically for small businesses, which includes ‘a guide to GDPR’, useful checklists a FAQ section, and useful graphic which outlines ’12 Steps to Take Now’. The ICO also offers an advice helpline for small businesses and charities.
All this information can be found at: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/