The latest checklist from the ICO highlights 12 steps you can take now to prepare for the General Data Protection Regulation (GDPR) which is expected to come into force in mid-2018.
Many of the GDPR’s main concepts and principles are much the same as those in the current Data Protection Act (DPA), so if you are complying properly with the current law then most of your approach to compliance will remain valid under the GDPR and can be the starting point to build from. However, there are new elements and significant enhancements, so you will have to do some things for the first time and some things differently.
This resource from the ICO is a great place to start to work out the main differences between the current law, the GDPR and what your schools may need to do to be data compliant. Over the next few months the ICO will set out its plans to produce new guidance and other tools to assist preparation and we will keep you up to date with these.
To download a copy of the 12 step guide, follow this link.