IP & Technology

The new General Data Protection Regulation (GDPR) has now been published in the Official Journal, firing the starting gun on the countdown to compliance. Yesterday’s publication of the official text follows on from final approvals from the Council of the European Union and the European Parliament.

When will the GDPR come into effect?

The GDPR will apply from 25 May 2018, meaning that organisations have just over two years to prepare.

How will the GDPR impact my organisation?

The GDPR will require all organisations to review and update their processes and practices for the handling of personal data. In order to assess the level of impact and the steps required to ensure compliance, each organisation will need to carry out a detailed review of how it currently collects and uses personal data and the adequacy of its internal policies and procedures.

Unless an organisation has a full picture of how it currently processes personal data, it will not be able to work out what needs to be done to ensure it is compliant come May 2018.

Where can I find out more about the GDPR?

We are already working with clients to help their organisations plan and prepare for the GDPR. To find out how we can assist you please contact me or your usual contact in Brodies’ Data Protection and Information Law team.

To get an overview of the key changes download our two page summary to the GDPR (PDF).

We’ll also continue to blog and tweet about the latest developments on the GDPR, including new guidance from the Information Commissioner and UK implementing legislation.

Meantime, if you are in Aberdeen on 19 May then you can catch the last leg of our BInformed seminar series on the GPDR explaining the key changes and what organisations should be doing to prepare. We’ll be running more BInformed seminars later in the year.

Martin Sloan

Partner at Brodies LLP
Martin is a partner in Brodies Technology, Information and Outsourcing group and has wide experience of advising clients on technology procurement and IT and business process outsourcing projects. Martin also advises on data protection, and general technology and intellectual property law, and has a particular interest in the laws applying to social media and new technology such as mobile apps, contactless/mobile payments, and smart metering.