The General Data Protection Regulation (GDPR) replaced the data Protection Directive of 1995 and came into effect on 25 May 2018 as common law. GDPR applies to organisation’s doing business with the EU and deals with the protection of the personal data of EU citizens. GDPR requires that any breach of data is reported in the UK to the Information Commissioner’s Office (ICO).
Every business owner must be aware of their obligations to not only their customers but to their staff and business partners as well.
Through their normal working practices, each business collects a variety of types of information about the customers, staff and even other businesses that they work with. For those organisations that are required to have one, it is the responsibility of the DPO to ensure that their business remains GDPR compliant.
DPIA must be performed where processing is likely to result in a high risk to the rights and freedoms of natural persons.
What does the Assessment Include?
Each company is unique and our approach would reflect this.
However, there will be a general process that every business will take to GDPR compliance:
Does Your Business Need Help With GDPR?