The new General Data Protection Regulation (GDPR) has now been published in the Official Journal, firing the starting gun on the countdown to compliance. Yesterday’s publication of the official text follows on from final approvals from the Council of the European Union and the European Parliament.
When will the GDPR come into effect?
The GDPR will apply from 25 May 2018, meaning that organisations have just over two years to prepare.
How will the GDPR impact my organisation?
The GDPR will require all organisations to review and update their processes and practices for the handling of personal data. In order to assess the level of impact and the steps required to ensure compliance, each organisation will need to carry out a detailed review of how it currently collects and uses personal data and the adequacy of its internal policies and procedures.
Unless an organisation has a full picture of how it currently processes personal data, it will not be able to work out what needs to be done to ensure it is compliant come May 2018.