The ICO has published a raft of useful information and guidance on its website to help organisations prepare for the new data protection regulation which comes into force on 25 May 2018, including a 12-step checklist against which you can check your progress. The key points are:
- Identify what personal/sensitive data you hold and where
- Manage how this data is obtained, used and accessed
- Protect the data by establishing security controls to prevent breaches
- Fulfil reporting requirements through good record keeping
Failing to comply with the regulation could lead to a fine of up to €20m or 4% of turnover, whichever is larger. Our data protection team can audit your current data protection regime and advise you on how to comply.