Why councils must prepare now for 2018 data protection rules

GDPR law changes will make it difficult to be compliant, warns Socitm

Data protection

Councils should act now to prepare for the General Data Protection Regulation (GDPR) in 2018, local government CIO body Socitm has recommended.

GDPR is expected to completely overhaul how organisations deal with people's personal data when it comes into force in two years' time, and Socitm believes compliance will be difficult to achieve in some cases.

The EU legislation, when it is adopted into UK law, will replace the existing Data Protection Act, which was published back in 1998 before the invention or mass adoption of technologies like the cloud, which are now commonplace.

As a result, it will seek to give people more control over who can use their data, including the right for them to ask an organisation to delete what information it holds on them, more clarity over how their data is processed, as well as easier access to their own data. 

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

Organisations seeking to process people's data will be required to obtain more explicit consent in order to do so, too. Tougher financial penalties will also be introduced for organisations that experience data breaches.

Socitm's head of research, Andy Hopkirk, said: "Accommodating the changes will be a matter of amending existing processes rather than inventing new ones. Some of the changes could be onerous and problematic. For example, councils will need to be able to deal correctly and completely with right to be forgotten' requests - perhaps the single greatest challenge in an almost ubiquitously networked and distributed computing world."

Its new briefing, Data protection: ?, sets out some of the changes and advises how councils can update their information governance frameworks to meet the new requirements. 

Featured Resources

What you need to know about migrating to SAP S/4HANA

Factors to assess how and when to begin migration

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

Testing for compliance just became easier

How you can use technology to ensure compliance in your organisation

Download now

Best practices for implementing security awareness training

How to develop a security awareness programme that will actually change behaviour

Download now
Advertisement

Recommended

Visit/data-insights/data-management/354423/eu-us-data-transfer-tools-used-by-facebook-ruled-legal
data management

EU-US data transfer tools used by Facebook ruled legal

19 Dec 2019
Visit/backup/33385/arcserve-udp-9240dr-review-beef-up-your-backups
backup

Arcserve UDP 9240DR review: Beef up your backups

4 Apr 2019

Most Popular

Visit/policy-legislation/data-governance/354496/brexit-security-talks-under-threat-after-uk-accused-of
data governance

Brexit security talks under threat after UK accused of illegally copying Schengen data

10 Jan 2020
Visit/security/cyber-security/354468/if-not-passwords-then-what
cyber security

If not passwords then what?

8 Jan 2020
Visit/web-browser/30394/what-is-http-error-503-and-how-do-you-fix-it
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020
Visit/policy-legislation/31772/gdpr-and-brexit-how-will-one-affect-the-other
Policy & legislation

GDPR and Brexit: How will one affect the other?

9 Jan 2020