By Jo Pedder, Interim Head of Policy Delivery.
There’s nothing like a new year to focus the mind on self-improvement. And from a data protection perspective, there’s something about the arrival of 2017 that makes the implementation of GDPR in May 2018 seem so much closer.
The ICO remains committed to helping organisations to improve their practices and prepare for the GDPR. Today we’ve published an update setting out what guidance organisations can expect. It’s essential reading, as it will help you plan what areas to address across the next twelve months.
Consistency across the EU is one of the key drivers of the GDPR, and the Article 29 Working Party – the body that currently brings together the DP authorities across Europe – is leading the way developing guidelines on some of the key aspects of the law. As the UK member of the Article 29 Working Party, we’re inputting into this process and taking a lead role on a number of priority guidelines aimed at organisations.
The update explains the work that we will be contributing in the coming year as part of the Article 29 Working Party, as well as the guidance and policy development we have opted to prioritise ourselves.
The central pillar to our guidance is the Overview of the GDPR. We are developing the Overview as a living document, adding content on different points as more guidance is produced by us and the Article 29 Working Party. This is available now on our website.
It’s worth adding the Overview to your favourites so that you can check regularly for updates, which will be clearly flagged in the ‘what’s new’ section. Where we are working on guidance, or we are planning events or consultations on a particular issue during the year we will flag these in the Overview too.
Just before Christmas the Article 29 Working Party published guidelines on the role of the Data Protection Officer, the new right of data portability and how to identify an organisation’s main establishment and lead supervisory authority. They are open to comment until the end of January (Update: this has now been extended to 15 February 2017). We have added links to the guidelines into the Overview and we are considering what, if any, key messages we need to draw out and explain in more detail.
Don’t forget, we’ll be including all the key updates in our enewsletter, and flagging progress on twitter too.
|Jo Pedder is Interim Head of Policy Delivery. She has lead responsibility for the ICO’s guidance on the Data Protection Act and the Freedom of Information Act.|