The General Data Protection Regulation (GDPR) is a new law coming into force on 25th May 2018, but what is it? And why is the legislation changing?
- The new law is designed to strengthen data protection for people in the European Union.
- This legislation will replace the current UK Data Protection Act which has been in place since 1998.
- This Act, which is nearly 20 years old, is out of touch with modern day life and technologies- now we have mobile devices, data centres, encryption and cloud-based products.
- In 1998 the Act focused on paper records and electronic data held on in-house servers. The internet was not available to everyone, so the concepts and risks of worldwide information sharing, tracking and theft, barely existed.
- One aim of the GDPR, by providing a single law for data protection, is to improve confidence in businesses holding personal data.
- It will also reduce costs for those that have had to comply with varying legislation across countries.
- In short, the new legislation will apply to any business, wherever it is based, that processes the data of EU citizens- so it’s time to take note.