You may well have heard that there are some major changes in the pipeline regarding data protection law, which will take effect very soon. This is important new legislation which you really cannot afford to ignore.
The aim of the new European Data Protection Regulation is to harmonise the current data protection laws in place across the EU member states. This means you will need to make changes to the way your company handles data.
Here are the ten essential things you need to know.
1.) The Data Protection Act is being replaced by the General Data Protection Regulation (the GDPR) which is expected to become law in Spring 2016.
2.) All organisations dealing with personal data will be required to comply with the GDPR by Spring 2018.
3.) Organisations will no longer have to register with the Information Commissioner’s Office (ICO) from Spring 2018.
4.) All organisations will have to keep a list of all personal information which they hold and what they do with it.
5.) In some circumstances, loss or misuse of personal data will have to be reported to the ICO (or other appropriate body) without undue delay and where feasible, within 72 hours of the breach. There is also a requirement to inform the individual.