What is GDPR?
On 25th May 2018, the General Data Protection Regulation (GDPR) will be enforced across Europe, replacing the Data Protection Directive 95/65/EC and therefore the Data Protection Act 1998.
Although this law comes from the EU, it will have a global impact. It will affect any business holding personal data relating to a living individual which could be customers, prospects or employees based within the EU. Despite Brexit, the UK will need to comply with the legislation.
If organisations neglect to comply with the new GDPR, they can be fined up to 20million euros or 4% of their global annual turnover, whichever is the higher amount. It is therefore vital that organisations begin preparing for the new regulation now.
Luckily for businesses in the UK looking to start their compliance journey, the ICO have issued a comprehensive guide detailing ideas and tips and key areas that organisations will need to look at ahead of May 2018.