What is GDPR ?

What is GDPR?

The General Data Protection Regulation (GDPR) is a European Union regulation designed to strengthen and unify Data Protection within the EU. GDPR will replace the existing UK Data Protection Act 1998 when it comes into effect on 25th May 2018

But isn’t the UK leaving the European Union?

The government has confirmed that the UK’s decision to leave the EU will not affect the commencement of the GDPR, meaning that the University will need to ensure it is compliant with new requirements.

How will it differ from the Data Protection Act?

Many things will be the same, or very similar, but there will be some big changes. GDPR has been designed not only to harmonise Data Protection practices, but specifically to strengthen the rights of Data Subjects.

For example; organisations need to be able to demonstrate compliance with the Regulation in a way not previously required, the standards required for gaining consent to process personal data are much higher, organisations will be required to report significant data breaches to the Information Commissioner’s Office within 72 hours, and the potential penalties for non-compliance are significantly higher than they are currently (potentially amounting to a 20 million Euro fine).

Where can I find out more information about GDPR?

Information Assurance Services are leading on ensuring the University's processes and procedures will be in line with GDPR by 25th May 2018. Please make use of the below links to find out more about GDPR and how it will affect the University. Please check back regularly as new content will be added on a regular basis.

In the meantime if you have any questions please contact us by calling extension 7945 or by emailing ias@le.ac.uk.

In addition the Information Commissioner’s Office has online information dedicated to GDPR which you can access via this LINK.

 

Share this page: