Why councils must prepare now for 2018 data protection rules
GDPR law changes will make it difficult to be compliant, warns Socitm
Councils should act now to prepare for the General Data Protection Regulation (GDPR) in 2018, local government CIO body Socitm has recommended.
GDPR is expected to completely overhaul how organisations deal with people's personal data when it comes into force in two years' time, and Socitm believes compliance will be difficult to achieve in some cases.
The EU legislation, when it is adopted into UK law, will replace the existing Data Protection Act, which was published back in 1998 before the invention or mass adoption of technologies like the cloud, which are now commonplace.
As a result, it will seek to give people more control over who can use their data, including the right for them to ask an organisation to delete what information it holds on them, more clarity over how their data is processed, as well as easier access to their own data.
Organisations seeking to process people's data will be required to obtain more explicit consent in order to do so, too. Tougher financial penalties will also be introduced for organisations that experience data breaches.
Socitm's head of research, Andy Hopkirk, said: "Accommodating the changes will be a matter of amending existing processes rather than inventing new ones. Some of the changes could be onerous and problematic. For example, councils will need to be able to deal correctly and completely with right to be forgotten' requests - perhaps the single greatest challenge in an almost ubiquitously networked and distributed computing world."
Its new briefing, Data protection:
What you need to know about migrating to SAP S/4HANA
Factors to assess how and when to begin migrationDownload now
Your enterprise cloud solutions guide
Infrastructure designed to meet your company's IT needs for next-generation cloud applicationsDownload now
Testing for compliance just became easier
How you can use technology to ensure compliance in your organisationDownload now
Best practices for implementing security awareness training
How to develop a security awareness programme that will actually change behaviourDownload now