From May 25, 2018, the new mutually agreed European General Data Protection Regulation (GDPR) will update personal data rules.
GDPR will bring outdated personal data laws across the EU up to speed with an increasingly digital era. The previous data protection laws were put in place during the 1990s and haven't been able to keep pace with the levels of technological change.
The new rules will alter how businesses and voluntary and public sector organisations can handle the information of their customers. GDPR also boosts the rights of individuals and gives them more control over their information. We have a link to resourses posted late last year.
But dont panic! Elizabeth Denham, the UK's information commissioner, who is in charge of data protection enforcement, says she is frustrated by the amount of "scaremongering" around the potential impact for businesses. "The GDPR is a step change for data protection," she says. "It's still an evolution, not a revolution". She adds that for businesses and organisations already complying with existing data protection laws the new regulation is only a "step change".
The key things to consider are:
You need to map your data. This mean you must know:
- What information you are collecting
- Who are you collecting this information from?
- Why are you collecting this information?
- What do you intend on doing with it?
- Is your justification lawful?
- Who will you share it with? e.g., icloud, dropbox.
- How long will you keep it for?
- How will you secure it?
- How will you ensure that data is deleted irretrievably (hard & soft)
Community Southwark has hired an expert in the field to deliver a a day's training on GDPR. The training scheduled for 26th June is sold out. But if there is demand for a further date when things have settled down and there is more certainty about how the rules will operate then we will host a further event. Please add your name to the wait list or email me directly for more details.
In the meantime, this short document produced by Paul should provide you with some very helpful guidance on what you need to do to be compliant.