GDPR- so, what is it?

November 3rd, 2016   


The General Data Protection Regulation (GDPR) is a new law coming into force on 25th May 2018, but what is it? And why is the legislation changing?

  • The new law is designed to strengthen data protection for people in the European Union.
  • This legislation will replace the current UK Data Protection Act which has been in place since 1998.
  • This Act, which is nearly 20 years old, is out of touch with modern day life and technologies- now we have mobile devices, data centres, encryption and cloud-based products.
  • In 1998 the Act focused on paper records and electronic data held on in-house servers. The internet was not available to everyone, so the concepts and risks of worldwide information sharing, tracking and theft, barely existed.
  • One aim of the GDPR, by providing a single law for data protection, is to improve confidence in businesses holding personal data.
  • It will also reduce costs for those that have had to comply with varying legislation across countries.
  • In short, the new legislation will apply to any business, wherever it is based, that processes the data of EU citizens- so it’s time to take note.

In the next blog in our GDPR series, find out how the new law will affect UK organisations.

Additionally, click here to discover how we can help prepare your organisation for the change.