GDPR Countdown: One Year to Comply

Is your business ready for the new data protection law?

The EU General Data Protection Regulation (GDPR) comes into full effect in one year. On 25 May 2018, it will replace the existing UK Data Protection Act 1998.

The new regulation will introduce:

  • greater rights for individuals to control how their personal data is being handled
  • new duties for organisations that collect, store or use personal data of EU citizens
  • more stringent rules around obtaining consent to gather and use personal data
  • mandatory data breach notifications, in certain situations
  • large fines for non-compliance (of up to €20 million or 4 per cent of global turnover)

The regulation will apply to all businesses, regardless of where they are located, if they process personal data of EU citizens. It will impose duties and responsibilities on those that control the data, as well as those that process it.

Getting ready for GDPR
With one year to go, the countdown to prepare for GDPR compliance is well under way. If you haven’t already done so, you should start preparing for the changes now.

To help you get going, we have produced a summary of key steps you should take to prepare your business for the GDPR. This will offer you a starting point for understanding:

  • what GDPR covers
  • what the main areas of change are
  • how to move towards compliance

If you’d like to review the current data protection rules and your duties under the Data Protection Act, see how to comply with data protection legislation.