The new GDPR Data Protection rules come into play from 25 May 2018.
The General Data Protection Regulation marks a shake up to data protection legislation and addresses the advances in the electronic world since the Data Protection Act came into force in the UK. Although the main principles will remain the same, GDPR will totally repeal the DPA and enhances the protections.
At the heart of GDPR is the ethos of ‘Privacy by Design’ which in itself will entail maintaining records of personal data and processing activities and obtaining explicit consent to process data in many more cases.
Data protection and an individual’s privacy is to be at the core of all new data processing activities. The new Regulations make ‘transparency’ and ‘accountability’ key principles and the punishments for breaching the regulations have been considerably increased.
WCM UK has issued general guidance to its members about the new regulations and actions to take. Available here.