jigsawAs you will be aware, the General Data Protection Regulation (GDPR) becomes effective on 25th May 2018, and this regulation will apply to any Business that obtains personal information about any living person.

The new regulation seeks to improve and clarify the rights of the individual (Data Subject) and clarifies the responsibilities of Data Controllers and Data Processors (Businesses that collect, store, handle or Process Data).

Over recent months, we have been reviewing our Policies, Processes and Systems to ensure that we are able to comply with the new regulation. 

If you have not already started your review, we would recommend that you start as soon as possible to assure yourselves that you can comply with the new regulation.

In the meantime, if you need any guidance you should approach the Information Commissioners’ Office (ICO) where there is guidance on the activities you need to undertake in order to provide assurance that you can comply with the new Regulation – click on the link below to see a useful document that the ICO has produced.

https://ico.org.uk/media/1624219/preparing-for-the-gdpr-12-steps.pdf 

You may also find it useful to visit the ICO web page https://ico.org.uk/for-organisations/business/ where you will find guidance and checklists specifically designed for SMEs (Small and Medium sized Enterprises) to assist you in the review process.