In the UK, the Data Protection Act 1998 (DPA) is a law introduced to protect personal data stored on computers or in an organisation filing systems. Its purpose was to control the way information is handled and gave people “Data Subjects” legal rights over the purpose, lawfulness, accuracy, period and what information was held about them.
Since the birth of the DPA, technology has moved on dramatically. Social media, Internet presence, mobile technology and CCTV have all emerged and grown and the act is long overdue an overhaul.
Enter, The General Data Protection Regulation (GDPR), which comes into force on May 25th 2018 and although companies have been given 2 years in which to comply, it appears that many organisations are struggling to meet the requirements.
We will use this page to put together some useful information for companies to help them with their compliance with the new regulations.