With less than 16 months to go, the countdown to May 2018 and GDPR is well underway. Organisations already adhering to the current Data Protection Act will undoubtedly benefit from their previous investment in data security and the evaluation of their approach to handling data. However, for those organisations, it would be a mistake to assume automatic compliance with the new GDPR regulations.
GDPR v DPA - there are clear differences. DPA works on a basis of presumed consent from individuals, whilst GDPR give individuals greater rights and control over their data, not to mention the hefty fines for non-compliance.
With data protection, security and privacy at the heart of GDPR, this article summarises some of the key differences between GDPR and the existing DPA.
The burden of proof has shifted to the organisation and not the individual/data subject. In the instance of a complaint to a supervisory authority, organisations are guilty until proven innocent. Awareness is high up on the priority list for most on GDPR... Security, Privacy & Protection.