Since the announcement of the new General Data Protection Regulations (GDPR) many of our clients have been asking for our guidance and support in this transition in legislation. In this week’s blog articles we would like to offer you a little breakdown of what we know so far as an industry and the ways in which CloudyGroup, whether you’re a customer of CloudyIT, CloudyCreative, CloudyComms or CloudyWebHosting, can help.
Where has GDPR come from?
It has been nearly twenty years since the introduction of the infamous Data Protection Act 1998 which is still to this day brandished around by unknowing lay people as a mantra for non-compliance. And just when we thought we had all wrapped our heads around the function, purpose and practicality of the DPA, and all the ways it affected those of us who handle personal and sensitive data, along came the Freedom of Information Act in 2000 just to turn the whole thing upside down. This spawned a generation of “Freedom of Information Requests” (often misguided and pertaining to information not covered by the act) being rebuffed with good old “Data Protection” denials.
Which left a lot of data handlers in a horrible mess. And just think – this all came into force before the likes of Facebook, Twitter and Skype even existed! Gmail had no public access. Amazon had only just started trading in the UK. NHS records were still kept in a little brown bundle in your local surgery. The world of personal data looked very different.
So now the EU are bringing in GDPR to tidy things up, and make laws more relevant to the amount of our personal data that’s out there.
In May 2016, after four years of research, development and planning, the EU announced the directive for the European General Data Protection Regulations (commonly referred to as GDPR) which come into force in May 2018 in the UK in the form of a new Data Protection Bill. The aim of this Bill is to tidy up any confusion, address the needs of any company holding personal data in an increasingly digital age, and increase the rights of privacy of the individual. In the UK this will be implemented and enforced by the Information Commissioner’s Office (ICO) and will therefore be unaffected by Brexit.
Read Wednesday’s blog article to find out more details on how GDPR differs from the DPA…