ICO’s guide to GDPR
The Information Commissioner’s Office (ICO) has recently updated their overview guide to the GDPR as well as expanding on and providing additional information on two key GDPR issues, namely: (i) consent; and (ii) contracts and liabilities.
The guide can be found on the ICO’s website here.
The aim of the guide is to provide a clear and transparent explanation of the provisions of the GDPR to organisations that are responsible for data protection. It has been designed to help organisations prepare for and ensure compliance to the GDPR.
The guide has been described by the ICO as a “living document” for which the ICO will continue to work on and expand in key areas. The guide has yet to be finished but the ICO has indicated that it will provide a framework for which additional guidance can be built on. The guide already contains links to more detailed guidance on key provisions of the GDPR and to the Article 29 Working Party (who represent the various EU data protection authorities) guidance. The ICO’s website also provides tools alongside the guide to help organisations prepare for the GDPR, which includes the “Getting ready for the GDPR checklist” and the GDPR’s “12 steps to take now”.
There is a lot of mixed views circulating in relation to the GDPR at the moment, and we strongly recommend that organisations preparing for the GDPR use the guidance of the regulators (ICO and the Article 29 Working Party) when there is a conflict.