In December 2017, the Article 29 Working Party (WP29) published detailed draft guidelines on consent under the General Data Protection Regulation (GDPR). The guidance, which is currently open for consultation until 23 January 2018 provides an analysis of the concept of consent, together with guidance for organisations on the requirements to (i) obtain; (ii) demonstrate and (iii) maintain valid consent under the GDPR. The UK ICO issued its own draft guidance on consent earlier last year.
The Information Commissioner’s Office (ICO) has recently updated their overview guide to the GDPR as well as expanding on and providing additional information on two key GDPR issues, namely: (i) consent; and (ii) contracts and liabilities.
The Information Commissioner’s Office (ICO) has published draft GDPR guidance on contracts and liabilities between controllers and processors. The paper, which is currently open for consultation until 10 October, aims to provide practical guidance and explain the fundamental requirements that all contracts between controllers and processors must meet by 25 May 2018 in order to be GDPR compliant. The guidance also seeks to help organisations understand the new responsibilities and liabilities of processors.
The General Data Protection Regulation will come into force throughout the EU, including the UK (despite Brexit) on 25th May 2018. The UK Government is busily preparing for its implementation. GDPR will bring about the greatest change to data protection law in thirty years. Below we have highlighted some of the main considerations for energy and natural resource companies and provided some guidance to aid GDPR compliance. There are only eight months until the GDPR takes effect and organisations should be acting now!
Once upon a time we had the Data Protection Act…then we had the General Data Protection Regulation (GDPR)…..then we had Brexit….and now we have the UK Data Protection Bill!
Now that the GDPR is in final form and set for implementation on 25 May 2018, the ICO has issued updated guidance on the 12 steps to GDPR compliance. This update reviews the ICO’s updated guidance, highlights any changes and reminds you of the steps your business should be taking now to ensure compliance before 25 May 2018.
During the Queen’s speech on 21 June 2017, a new UK Data Protection Bill was announced, which will be introduced to Parliament in September. We have been focusing on the General Data Protection Regulation (GDPR) – an EU Regulation coming into force on 25 May 2018 – so what does this new UK Bill mean?
Part 7: Do you need to appoint a Data Protection Officer (DPO)?
Welcome to the final part of our blog series on the General Data Protection Regulation (GDPR) and what it means for employers and HR teams. This blog will concentrate on the new rules on the appointment of Data Protection Officers (DPO) under the GDPR and how these will affect employers and HR teams.