EU General Data Protection Regulation

When will it be introduced?

The General Data Protection Regulation (GDPR) will apply in the UK from 25 May 2018. The government has confirmed that Brexit will not affect this regulation coming into force.

Who will GDPR apply to?
The GDPR applies to ‘controllers’ and ‘processors’. The definitions are broadly the same, with a few enhancements to key areas such as the introduction of ‘the Right to be forgotten’, data portability, breach notifications and greater accountability.

If you are a processor, the GDPR will place greater liability on you, for example if a breach occurs. Controllers have greater responsibility to ensure contracts with processors are operated correctly.

The GDPR applies to processing carried out by organisations operating within the EU and outside the EU.

The GDPR does not apply to certain activities, including processing covered by the Law Enforcement Directive, processing for national security purposes and processing carried out by individuals purely for personal/household activities. There are further obligations under the Electronic Commerce (EC Directive) Regulations 2002; these specifically deal with online selling and buying activities through eCommerce functionality.

How can RADCaT Ltd assist me with compliance?

STEP 1 - The first step is to review what is in place currently. This is completed in the form of an assessment by one of our consultants and, dependent on the size of your business, could take either half or a full day. This is a thorough check to ensure we do not duplicate any good work that has already been completed, provided it is compliant with the new regulations.

STEP 2 - Following the assessment, a report will be produced to show the areas of compliance and non-compliance. The report will contain recommendations for remedial action that is required. We are likely to need the input of our associates in various areas. We will then agree a plan of action with you and add some timelines. This will ensure matters are on track for the start of the regulations.

STEP 3 - During the plan, we will assist with compliance in the following areas:
• Policies and procedures, amendments and implementation
• Physical document security and data inventory
• Training for your Data Protection Officer and wider business
• Assistance and signposting for cyber protection
• Review of the implementation plan at key points

STEP 4 - A formal review of the whole process will take place once the implementation has been completed, with signposting for an annual review. We are also able to go one step further and provide ISO 27001.

For a full list of training click here.
There are further documents and guides on this subject available on this site; click here. For a training course on the General Data Protection, click here.

Call us on 01942 824 635
