General Data Protection Regulations (GDPR) - How can we help?

The General Data Protection Regulations: How can we help?

25 May 2018 may seem a long way off and unless it’s your birthday or wedding anniversary just another day but it is a very important date in the world of Data Protection. This is because it is the day that the EU’s General Data Protection Regulations (GDPR) will come into force. The Information Commissioner’s Office (ICO) and the government have confirmed that they expect UK individuals and organisations to adhere to the GDPR as post Brexit the UK’s data protection legislation (currently the Data Protection Act 1998 (DPA)) must meet the GDPR standard.

ICAEW’s Business Law department and the IT faculty are drafting new guidance for members and would like this to be as useful as possible.  So we would like to know what are the issues surrounding the GDPR that you are struggling to come to grips with? What form of guidance would be most useful to you? Would you just like a summary of the regulations and a list of key definitions, or more practical help such as a checklist of what has changed and what you need to do, examples of model contract clauses or sources of further information? Would webinars or workshops be helpful?  Do members in practice and business have different needs?

 Please email me ( or post a comment below

  • A great start would be a link as to where to find the actual regulations, so that I can help my clients (pension trustees and pension third party administrators) understand what is new, and what is a reinforcement of existing data protection good practice. I am someone in practice wanting to help audit and assurance clients. So a summary of the regulations and a list of key definitions followed by a checklist of changes and actions would be ideal. I give my thumbs up to any webinar or workshop too. Having been to one initial panel discussion in the pensions industry I found there was little knowledge of the GDPR requirements, and the discussion became a general discussion of IT stories and lost focus. Starting with the summary of regulations and potential impact would help learning and shared discussion of finding practical solutions.
  • Thank you for your comments. The full text is available here
    Or look at the ICO website which is slightly more user friendly -
    We will be aiming to be as practical as possible and so we asking members to share with us any practical tips and advice.
  • It would be helpful if more guidance clarified the extent to which GDPR impacts the way that firms of accountants will need to record and store business data or only the personal data they hold (eg: re personal tax clients and private clients and prospective personal clients).