Preparing for the GDPR

You may or may not be aware of the looming GDPR rules governing the handling of personal data, which are to be enforced one year from now, as of May 2018. The General Data Protection Regulation (GDPR) was introduced by the European Union and will take place regardless of the UK’s departure from the EU. The provisions include: The legal right of people to access, correct, delete or transfer personal information held about them on any company system. The requirement for citizens to provide explicit consent for their personal data to be held, after which companies must save this consent. The legal obligation for organisations to inform the relevant data authorities and consumers, within 72 hours of breaches to data security. If you are a company which operates within the EU and handles and stores any kind of personal information, then you will have to comply with these new rules. These regulations are going to apply across the board, irrespective of company size or business sector. UK website regarding GDPR here. The EU General Data Protection Regulation here.