The General Data Protection Regulation is due to come into force on the 25th of May 2018. This act will have a significant impact on anyone dealing with EU resident client or employee data, and you must be compliant by this date.
Many of the main concepts of the GDPR and are much the same as those in the current Data Protection Acts 1988 and 2003. However, GDPR introduces new elements that will require significant consideration by all organisations involved in processing personal data. When reviewing the changes introduced by GDPR, organisations should also take the opportunity to look at their compliance with all of the regulations including whether under the 1988 act, the 2003 Amendment act and or GDPR.
The key changes outlined in the GDPR act include:
GDPR applies to EVERY organisation and it is imperative that you prepare for this act now in order to avoid the severe sanctions associated with non-compliance.