HEADS UP

Are you Prepared for The General Data Protection Regulation (GDPR)?

On 25 May 2018, the EU General Data Protection Regulations (GDPR), a new legal framework for data protection, will come into effect in the UK. The UK government has confirmed that the UK’s decision to leave the EU will not prevent the introduction of the GDPR, so it is important that governors and trustees begin to consider any potential impact

GDPR will replace the Data Protection Act 1998 (DPA) and represents the biggest change to data protection law for 20 years. With some GDPR breaches carrying fines of up to 4% of global annual turnover or 20 million Euros, now is the time to start planning. Individuals have stronger rights to be informed about how organisations use their personal information.

For the first time in data protection law, the GDPR will introduce the requirement of “accountability”. In basic terms, accountability means that organisations will not only be required to comply with data protection requirements, but also that they must demonstrate that they comply.

Many of the GDPR’s main concepts and principles are much the same as those in the current Data Protection Act, so if you are complying with the current law most of your approach to compliance will remain valid under the GDPR and can be the starting point to build from. However, there are new elements and significant enhancements, so you will have to do some things for the first time and some things differently.

The Information Commissioners Office (ICO) is the UK's independent authority set up to uphold information rights and they are committed to helping organisations improve their practices and prepare for the GDPR.

As a starting point we suggest governors:

·         Visit the GDPR section on the ICO website

·         Look at the  ICO’s overview of the GDPR - a good place to start

·         Look at the 12 steps to take towards compliance which the ICO has published

·         Raise awareness of GDPR at all levels within their school

At this moment in time we are unsure how the GDPR will affect schools but we suggest Governors and Head teachers read the information to familiarise themselves with the requirements.

We will forward you more information when we receive it.

Taylorfitch. Bringing Newsletters to life