Timing

“We will be members of the EU in 2018 and therefore it would be expected and quite normal for us to opt into the GDPR and then look later at how best we might be able to help British business with data protection while maintaining high levels of protection for members of the public.”

KAREN BRADLEY
Secretary of State for Culture, Media and Sport

The GDPR initiative was adopted in April 2016 four years after EC Vice-President, Commissioner Viviane Reding, published proposals to reform European data protection rules.

By May 2018 all EU member states will be affected. So will every company in every country worldwide, that does business with them.

And, for those who might be pinning their hopes on a GDPR-free, post-Brexit  environment, the news isn’t good. Irrespective of whether Britain’s exit from Europe is “soft” or “hard”, the UK Government has already declared an intention to honour the dictates of the new regulation. Post-Brexit, the overwhelming likelihood is that the UK will either be subject to the GDPR or will enact legislation that is functionally identical.

How prepared are you?

• Have you evaluated your policies? and procedures to determine if they need to be updated?
• Have you thought about what changes to your systems and data management capabilities might require?
• Do your data management and marketing processes address the obligations created by the new rights granted by GDPR?
• Will your incident response plans, data breach management, reporting procedures be ready for the 2018 deadline?
• Are you in a position to offer appropriate training? for those who are involved in processing or the management of personal data?

Even if you answered, “yes” to all five questions, the real hard work of compliance is only just beginning. And if you answered “no” to any of them, then your problems haven’t even started.

To see the detail on Timing, please refer to the PDF and information on this section.

 GDPR Academy Detail Notes