The General Data Protection Regulation (GDPR) is a Regulation by which the European Commission plans to strengthen and unify data protection for individuals within the EU. It also addresses export of personal data outside the EU. The Commission’s primary objectives of the GDPR are to give citizens back the control of their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.

The regulation was adopted in April 2016 (so is currently in force) and EU member countries have a 2 year transition period up until May 2018 to make local legislative changes. However unlike an EU Directive, it does not depend on national governments to pass new local legislation.

The following resources help to ensure you are kept abreast of the latest developments caused by the application of the GDPR.

Key Recommendations

All Articles

What will the general data protection regulation mean for business?

In December 2015, three years after the first draft was proposed, and almost 20 years since the Data Protection Directive was adopted, EU lawmakers came to agreement on the reform of data protection law. The new General Data Protection Regulation (GDPR) was agreed upon and is currently in the process of formalisation and translation.

GDPR: more concern for marketing or IT?

Many businesses now consider the threat of GDPR “much more a concern of the marketing department,” than for IT, according to group technology officer at Blenheim Chalcot Accelerate, Mark Ridley. Speaking…

What small businesses must know about GDPR and MiFID II

MiFID II (The Markets in Financial Instruments Directive) will be weaved into UK law from July 2017 and will demand immediate compliance from January 3rd 2018. It’s a weighty piece of regulation for the financial services industry and is applicable to anyone who provides services linked to financial instruments. So, even if you’re a lone IFA, you’re still duty bound to work within the new framework.

Complying with the general data protection regulation (GDPR) in Europe

In this video, privacy & data security partner Heather Sussman discusses the EU’s new data protection framework, the General Data Protection Regulation (GDPR), which will go into effect in May 2018. The GDPR is designed to standardize the regulation of personal data processing activities in Europe, requiring that organizations document data processing activities, as well as those of their vendors and vendors’ vendors, measures which many companies find highly challenging.

A lack of guidance over the EU's GDPR could cripple British businesses

There is no denying that the General Data Protection Regulation (GDPR) marks a great step forward for data protection in the UK and across Europe. But with less than 16 months until it comes into force, it is critical for UK businesses to start preparing now.

Know of a resource that helps people secure their data? Submit it today