TheGeneral Data Protection Regulation comes into effect on 25th May 2018 across the . Although the UK is leaving the has stated that the will apply in the UK – as it applies to all organisations processing the data of citizens, the likelihood is that any UK company transacting business in the which involves processing personal data will have to observe requirements.
represents a real step change in data protection practice and compliance across a broad range of areas from enhanced information security requirements, through greater data rights for individuals to improved information management; the penalties for non-compliance with the new legislation are also significantly greater.
The countdown towards compliance has begun and the Information Commissioners’ Office has clearly stated that there will be no “period of grace” – compliance with all aspects of the new legislation will be expected from 25th May 2018.
is a complex piece of legislation. Many organisations cannot be confident that they comply with the current Data Protection Act 1998 whilst others may find tackling the requirements of the to be a real challenge, particularly if they lack the specialist knowledge or resources to identify where their current information handling practices fail to meet these requirements or to find solutions which will help them to comply. Even where some internal resources are available, ongoing day to day commitments or the sheer scale of the task involved may suggest that the business would benefit from expert assistance.
The services available include: