By Lisa Rix - 31 May 2018
As you will no doubt be aware from the flurry of GDPR-related emails over the last couple of weeks, GDPR came into force on Friday 25 May 2018. The UK government also passed the UK’s Data Protection Bill 2018 last week (which must be read alongside GDPR).
The Information Commissioner’s Office (ICO) (the data protection regulator) has confirmed that it will not be expecting perfection immediately from smaller business, but it is looking for a “commitment” from these firms “to move forward with their new obligations”. The ICO says it will be focused on businesses that deliberately, persistently or negligently misuse data.
Despite the drive for businesses to become GDPR compliant prior to last Friday, businesses should remember that this is “not an end point, it’s just the beginning” and that “effective data protection requires clear evidence of commitment and ongoing effort”.