In under six months, Europe’s data protection rules will undergo their biggest changes in two decades. Since they were created in the 90s, the amount of digital information we create, capture, and store has vastly increased. Simply put, the old regime was no longer fit for purpose.
The solution is the mutually agreed European General Data Protection Regulation (GDPR), which will come into force on May 25 2018. It will change how businesses and public sector organisations can handle the information of customers.
The regulation has spawned a raft of GDPR experts who want to help businesses prepare for the changes GDPR will bring – and make a tidy sum for their expertise.
When implemented, GDPR will have a varying impact on businesses and organisations: for instance, not every company will require a data protection officer. To help prepare for the start of GDPR, the ICO has created a 12-step guide.
The guide, which is available here, includes steps such as making senior business leaders aware of the regulation, determining which info is held, updating procedures around subject access requests, and what should happen in the event of a data breach.