Implementing the GDPR

16 November 2017

On 25 May 2018 the EU’s General Data Protection Regulation (GDPR) comes into force. The GDPR will replace the UK’s Data Protection Act 1998 in most respects, and be the defining piece of legislation for data protection compliance. The GDPR will
increase obligations on businesses dealing with personal data in areas such as:

  • Information to be given to individuals.
  • Export of personal data outside the EU.
  • Using third parties to conduct data processing.
  • IT and physical information security.
  • Security breach notification.
  • Carrying out assessments before using personal data.
  • Record keeping obligations.
  • Rights of individuals to require information to be deleted or transferred.

Our GDPR flyer provides further information on the key principles and penalties for breach of the GDPR.

Eddie Powell Author
Eddie Powell
Partner
About the author