Data protection, May 2018 changes
filed under: legalMay 25th 2018 will bring a major change in the data protection legislation in the UK. If you manage a website that deals with collecting any personal information (which is any site with so much as a contact form) – you need to learn about these changes and update your privacy policy pages accordingly. We are not experts on this subject and have merely collected a few links to the relevant information from the ico. and the gov.uk websites for guidance and reference.
The Data Protection Act 1998 will be superseded by the GDPR (General Data Protection Regulation) this year and deals with the protection of personal data. Personal data is defined as any information which can be used to identify a person. Larger companies and those dealing with data from CCTV will need to register with the ICO and implement required changes. Smaller companies still have to comply with the GDPR though might be exempt from the registration requirement.
GDPR official info
The Information Commissioner’s Office (ico.) is the authority which deals with the GDPR and offers specific information, tools and guidance on compliance.
- Guide to the General Data Protection Regulation (GDPR)
- download [PDF]: Preparing for the General Data Protection Regulation (GDPR) – 12 steps to take now
- Registration self-assessment – online questionnaire to assess whether registration is required
In summary, the GDPR defines six principles to focus on.
further reading
- What does GDPR mean to me and my business?, smallbusiness.co.uk
- What every SME in the UK needs to know about GDPR, brookscity.com
- The EU General Data Protection Regulation (GDPR), itgovernance.co.uk
- […] overview of the GDPR’s new Subject Access Request regime, burges-salmon.com