Everything you need to know about the forthcoming General Data Protection Regulation (GDPR) that is coming into force on 25th May 2018.
Organisations are recommended to start preparing for the changes as soon as possible to avoid non-compliance and ensure that any changes to processes and procedures can be tested, and that training can be implemented in good time.
What is GDPR?
The GDPR introduces new obligations and penalties for the way personal data is handled and UK organisations must comply when dealing with customers, employees, supplies and other individuals.
It is the biggest shake-up in data protection law for 20 years, and ushers in a new era of personal data transparency and accountability. Organisations that fail to comply with the new law risk fines of up to 4% of their global annual turnover or €20m, whichever value is greater.
Why is it happening?
The digital age has increased risk for individuals, particularly with the escalating threat of cyber crime and identity theft.
GDPR brings the law up to date by raising the bar for personal data handling and protection, as well as introducing some ground-breaking changes.