- What we do
- Who we work with
- Who we are
The GDPR shares many similarities with the existing DPA, but there are some important changes to be aware of.
The DPA was put together in 1998, which means by next year it will be 20 years old. While many areas are still relevant today, the fast-paced development of technology and globalisation have led to significant changes in the way businesses handle data.
There are also differences across EU member states in the way the DPA has been implemented. The GDPR aims to address these differences and bring a unified approach to data protection. This will strengthen the safety of sharing data between EU countries and external countries, who will need to comply with the GDPR requirements when processing EU citizens’ personal data.
With the DPA, you already need to get consent before you can store personal data. The GDPR will require that consent is “freely given, specific, informed and an unambiguous indication of the individual’s wishes”. This means that pre-ticked boxes will no longer be acceptable as a form of consent.
As part of the implementation of the GDPR, you will need to complete a review of the way you gain consent. Any consent previously obtained, that does not meet the new requirements, will need to be obtained again to achieve appropriate consent standards.
The GDPR will apply in the UK from 25 May 2018. The UK government has confirmed that the introduction of the GDPR will go ahead, despite the decision to leave the EU.
As you can imagine, there is a plenty more to the GDPR than can be covered in a single blog post. Look out for future updates from CompanyNet on this subject – follow us on Twitter and LinkedIn to be the first to know.
Microsoft Cloud Future thinking Collective intelligence Office 365 Intranets Business intelligence Digital Transformation Technical Business Transformation Office Gold Partner 20th Anniversary Change Management Privacy CRM Microsoft Inspire Partners Director's Briefing Women in IT Public Sector Training Websites