On 25 May 2018, the GDPR comes into force and will replace the Data Protection 1998.
The GDPR represents the most significant development in European data protection law for over 20 years. Adopted on 8 April 2016 after four years of negotiations, the GDPR significantly raises the bar for organisations that collect and process personal data – including controllers and processors based outside the EU that collect and process personal data relating to individuals within the EU.
Although the GDPR is not conceptually dissimilar to the DPA, it augments, extends and updates the law in a number of important ways (the top 10 key changes are summarised on our infographic). In broad terms, it can be said that the ‘gold standard’ for compliance under the DPA represents the ‘baseline standard’ for compliance under the GDPR. Thus, as the ICO noted in its ‘GDPR myths’ blog series, “the new regime is an evolution in data protection, not a revolution.”
We have created this GDPR Hub to provide clear and pragmatic advice and guidance on the implications of GDPR and the new data protection landscape for you and your business. If you have any questions, please get in touch with Ed Boal or Hannah Gordon.
A Practical Guide to the GDPR
We have written ‘A Practical Guide to the GDPR’ which provides guidance on the key aspects of the GDPR and draws on guidance from the Information Commissioner’s Office (ICO) and the independent advisory body, the Article 29 Working Party (WP29).
We will be writing a series of supplemental guides which will focus on the application of the GDPR in specific contexts.
- GDPR for HR Professionals
- GDPR for Marketing Professionals (Coming soon)
- GDPR for Charities & Social Enterprises (Coming soon)
- GDPR for Digital Agencies (Coming soon)