The Information Commissioner’s Office is to publish a revised timeline for the UK implementing the EU’s General Data Protection Regulation after Brexit.
Information commissioner Elizabeth Denham, writing in a blog post, welcomed the UK government’s confirmation that it will implement the EU’s General Data Protection Regulation (GDPR) despite the outcome of the UK referendum.
“I see this as good news for the UK,” Denham said. “One of the key drivers for data protection change is the importance and continuing evolution of the digital economy in the UK and around the world. That is why both the ICO and UK government have pushed for reform of the EU law for several years. The digital economy is primarily built upon the collection and exchange of data, including large amounts of personal data – much of it sensitive. Growth in the digital economy requires public confidence in the protection of this information.
“Citizens want the benefits of these digital services but they want privacy rights and strong protections too. Having sound, well-formulated and properly enforced data protection safeguards help mitigate risks and inspire public trust and confidence in how their information is handled by business, third sector organisations, the state and public service.
“The major shift with the implementation of the GDPR will be in giving people greater control over their data. This has to be a good thing. Today’s consumers understand that they need to share some of their personal data with organisations to get the best service. But they’re right to expect organisations to then keep that information safe, be transparent about its use and for organisations to demonstrate their accountability for their compliance.
“The ICO is committed to assisting businesses and public bodies to prepare to meet the requirements of the GDPR ahead of May 2018 and beyond.
“As early as January 2016, we met with organisations to better understand the challenges they will face to comply with the law, and we’ve already started to publish work to help with that, from our 12 steps to take towards compliance to our recent privacy notices code of practice which includes GDPR detail.”
Within the next month, the ICO will publish a revised timeline setting out what areas of guidance it’ll be prioritising over the next six months. The new timetable will be published on the ICO website.
Rregulatory requirements and expectations for fundraising bodies and their boards under current and forthcoming data protection legislation to be set out
Consultation will enable charities, fundraisers and the general public to feedback on suggested changes to the Code
The Information Commissioner’s Office has informed 11 charities that it intends to fine them for breaching the Data Protection Act
Just 5% of charities still to sign up to online services