GDPR General Data Protection Regulation

As a business you need to ensure that you comply with Data Protection and in May 2018 there are new regulations coming. The General Data Protection Regulation (GDPR) is a regulation where the European Parliament, the European Council and the European Commission intend to strengthen and unify data protection for all individuals within the EU. It also looks at the export of personal data outside the EU.



“The GDPR emphasises transparency, security and accountability by data controllers and processors, while at the same time standardising and strengthening the right of European citizens to data privacy. “

Are you ready for the GDPR?

The Data Protection office has complied a 12 step checklist that you can work through to ensure you are ready for May 2018 – download the checklist here

  1. Become aware: do key personnel know about the changes?
  2. Become accountable:  Make an inventory of all the personal data you hold and complete an audit
  3. Communicate with Staff and Service Users: Review all current data privacy notices alerting individuals to the collection of their data.
  4. Personal Privacy Rights.
  5. How will Access Requests change?
  6. What we mean when we talk about a ‘Legal Basis’
  7. Using Customer Consent as grounds to process data.  Consent must be ‘freely given, specific, informed and unambiguous.’
  8. Processing Children’s Data
  9. Reporting Data Breaches
  10. Data Protection Impact Assessments (DPIA) and Data Protection by Design and Default
  11. Data Protection Officers
  12. International Organisations and the GDPR

It is vital that you comply with data protection and you are prepared for the new regulations that will come into effect May 2018.