This Friday, 25th May, sees the introduction of the General Data Protection Regulation (GDPR) across the European Union.
GDPR is an overhaul of existing EU legislation on data protection, and will apply to all members and accountancy firms.
Broadly speaking, these new regulations should be welcomed. They will give people greater control over data that exists about them, specifically that which organisations keep and use to communicate with them.
Members need to understand and familiarise themselves with what personal data they hold, in order to decide what action to take.
Progressing Data Protection
It’s important to remember that GDPR is an update, not a wholesale revision, building upon the existing Data Protection Act 1998 (DPA 98). In that sense, it should be seen as the continuation of a journey that began twenty years ago.
Whilst compliance is compulsory if you process personal data, you won’t be expected to have all processes and procedures in place by 25th May. However, all organisations will be expected to have planned for implementation by that date.
Additionally, if you’re already compliant with DPA 98, you’re already most of the way there.
Trust and Ethics
Trust is a crucial factor in maintaining the integrity of our profession, and indeed the strength of economies more widely. The introduction of GDPR should give individuals greater faith that their data is being handled responsibly, and thus that businesses are behaving ethically.
At ICAEW, we already maintain our own code of ethics, of which one of the fundamental principles is maintaining confidentiality of information. We’re trusted advisors and partners to all sorts of organisations, and in that sense have a role as the guardians of data. The principles of GDPR go hand-in-hand with much of what we stand for.
Further Information and Member Support
We’ve set up an online hub, containing a host of information and resources on GDPR, including FAQs, helpsheets and checklists, as well as webinars and videos featuring insight from ICAEW specialists and others.
We will of course continue to update our advice and evolve our support, in line with legislative developments and judgements from the Information Commissioner’s Office (ICO).