GDPR Enforced 25 May 2018

The GDPR (General Data Protection Regulation) will be enforced from 25 May 2018. UK organisations that process the personal data of EU residents have only a short time to ensure that they are compliant. The regulation is designed to harmonise data protection law across Europe and make the law more relevant to our digital age.

How does Brexit Affect Us

In short, it doesn’t. Forget about Brexit, we don’t get a “get out of jail free” card. The GDPR does not just apply to businesses in the EU, it applies to any organisation that controls or processes EU data, wherever they are in the world. Our government has already announced that it wants the UK to be “the safest place in the world to go online”. Here’s an overview of some of your new responsibilities:

• Keep a record of data operations and activities
• Carry out a data privacy impact assessment (PIA) for systems and projects
• Consider if you will be required to designate a data protection officer (DPO)
• Notify the supervisory authority of a data breach
• Review data processing processes
• Implement “privacy by design” and “privacy by default”

How can Spotlight Studios help

We have a wide-range of data protection expertise to help you prepare. We can offer consultancy and resources to help you understand these new regulations. Get in touch today to find out more