The GDPR

The General Data Protection Regulation (GDPR) came into force on the 25th May 2018.  It means the introduction of 99 articles that define how personal data should be handled and protected, with 173 recitals supporting those articles.  In addition, the Data Privacy Bill applies the regulation into UK law. 

Your company needs to be compliant with concepts such as the ‘Lawful Basis for Processing’, Data Protection Officer, right to erasure and many, many others.  GDPR will bring about a change in the way data is viewed: from being a right to being a privilege.

May 25th was not only a deadline to get over, it is just the start.  The GDPR introduces fundamental change to the way data is processed which will become the new normal for the protection of data.

GDPR has six key principles to protecting personal data and seven rights of data subjects.  These should underpin every type of processing your company does. Applying these to your organisation gives you a good head-start in becoming compliant.