General Data Protection Regulation Q&A
What is it?
New European legislation which will replace the Data Protection Act in May 2018. It is likely that after the UK leaves Europe we will still need to comply with this regulation or a similar UK law.
How is it different from the Data Protection Act?
The basic principles for looking after personal data are the same but there are stricter standards to adhere to. The maximum penalty for non-compliance is increasing from £500,000 to €20,000,000.
What should I do?
For the time beginning, we can meet our obligations by complying with the Data Protection Act as well as following good practice guidance published by the Information Commissioner.
Where can I find out more?