We recently wrote about the uncertainty surrounding the GDPR, it’s implementation and its relevancy post-Brexit. The ICO has now confirmed that the GDPR (General Data Protection Regulation) will now be obligatory, which means that organisations now have less than 18 months to comply with the GDPR if you handle EU citizen data, which includes residents of the UK.
The GDPR is confirmed for 2018
As negotiations of ‘Article 50’ continue and not forgetting the 2-year transitioning period, the UK will still be a part of the EU in 2018. The GDPR will be updating data protection laws for the first time in twenty years and it is vital that organisations understand that compliancy is not an option.
Listen to the advice of the ICO
The ICO has been advising organisations of the upcoming changes for several months. With changing environments surrounding data security and technological advances, it is now the right time to update these policies and procedures to provide a thorough framework to help data controllers.
The ICO will be releasing more information in the coming months for best practices to align with the new regulation. The ICO already has several articles and documents available online to start implementing best practices.
What does this mean for my organisation?
Many have been eager to hear the announcements of the implementation of this regulation and the wait is now over. With less than 18 months to comply, it is vital that businesses and organisations start to revisit data security practices or be in danger of facing fines of up to €20 million or 4% of global annual turnover.
Encryption (as well other data security measures) are recognised as data protection methods of best practice and will keep you on the safe side of the GDPR. Organisations are urged utilise encryption or face the consequences.
Find out more about the GDPR on our website or speak to our expert advisors on how we can help you with your data security concerns as well as becoming compliant with the GDPR.