We can finally stop talking about GDPR, can't we? Unfortunately not.
GDPR is here to say and is a living piece of legislation that will adapt as circumstances change. In fact, we are already hearing about potential additions regarding B2B data.
May 25th not only saw the deadline for GDPR come and go, it also saw the launch of the new Data Protection Act 2018, which maps out how GDPR applies in the UK.
Here are the headlines...
- It transposes the EU Directive into UK law.
- It regulates matters that do not fall within the EU Directive such as Immigration processing
- There are sections which cover the ICO and its duties, functions and powers plus the enforcement provisions
- It repeals the previous legislation
- It brings in provision for intelligence services to comply with internationally recognised data protection standards
The Government has also pledged to introduce a new ‘digital charter’ with the aim of ensuring the UK ‘is the safest place to be online’. It’s proposed the Charter will be underpinned by regulations, but as yet there are no details on what these might be.
We would recommend that firms keep a watching brief on the ICO website as they will be producing guides to help navigate this see: https://ico.org.uk/for-organisations/data-protection-act-2018/