The countdown has begun. The General Data Protection Regulation (GDPR) arrives on Friday 25 May 2018, replacing the Data Protection Act. It introduces new rules that organisations must follow. Penalties for non-compliance will be severe,
so it falls on business owners, directors, technical and data protection managers to be informed and properly prepare for GDPR.
Broader definition of what constitutes personal data
Parental consent required for processing data for under 16's
GDPR rules to govern international transfer of data
Controllers must report a data breach within 72 hours
Penalties of up to 4% of annual global revenue or €20m
Data processors directly liable for security of personal data