The Team

GDPR is coming - are you ready?
GDPR is coming - are you ready?

The General Data Protection Regulation comes into force on 25th May 2018 - are you ready?

Millions of words have been written already about GDPR and probably millions more will be written before the commencement date. The Information Commissioner has advised that the ICO will be running advertising campaigns making the public aware of their rights - but a recent survey by Ipsos Mori disclosed nearly two thirds of businesses had never heard of GDPR!

So, what's it all about? Every business and organisation, irrespective of size, has to comply with the regulation. That includes, clubs, associations, charities and even churches. The overriding principle of the GDPR is that an individual's personal data belongs to them and any organisation wishing to process (use) or hold that data must have a lawful reason for doing so.

Data protection isn't new - the UK currently operates under the Data Protection Act 1998. However, the new regulation gives additional rights to the individual and imposes specific obligations on organisations to define and explain why they hold the personal data, what they do with it, whether they give it to anyone else and when they will delete it. It's up to every organisation to make justify their "lawful basis for processing" personal data. They also have to publish a Privacy Statement to explain what they do with personal data.

If you own a business or run an organisation or club and you process any personal data, it's imperative you take steps to become compliant before 25th May 2018. There is no grace period and the level of fines for breach of the regulation is eye-wateringly high!