As you may be aware (and we hope you are!), the old Data Protection Act will be changing to GDPR - the General Data Protection Regulation - on May 25th 2018. This is not a rumour or a possibility - it is happening! What is also changing is that previously the Data Protection Act, whilst enforceable, was actually a directive. The new GDPR is legislation - it is not voluntary or advisory, it is law!
What do I need to be aware of?
The first thing you need to be aware of is that the new regulations will affect you in some form or another. Be aware! It is easier to check and know than to be reactive and plead ignorance. Ignorance is absolutely no defence. Whilst the ICO has stated "it’s scaremongering to suggest that we’ll be making early examples of organisations for minor infringements or that maximum fines will become the norm. This law is not about fines. It’s about putting the consumer and citizen first. We can’t lose sight of that.", they will still enforce the regulations where necessary.
To carry out an initial audit, we have prepared a basic checklist which asks the outline questions, the answers to which should form the basis of your investigation.