ICO guidance on GDPR

Government (finally) confirms GDPR will apply to UK and the ICO's guidance notes will be published soon


Jonathan Moore

Jonathan Moore


The General Data Protection Regulation ("GDPR") is set to reform data protection law across the EU. The wording of the GDPR was finalised last spring when it was confirmed that it will come into force on 25 May 2018.

June's referendum threw a small spanner in the works, following which it was not entirely clear to what extent the GDPR would be implemented in the UK. To clear up the uncertainty, the government has now confirmed that the GDPR will automatically become law in the UK on 25 May 2018 after all.  Even though it was expected that this would be the case, it is still helpful to have the confirmation.

Unfortunately, even though we know what the GDPR says, there is a lot of uncertainty how it should be applied in practice.  Fortunately, the Information Commissioner, Elizabeth Denham, has now confirmed that the ICO will soon be providing a timetable which will tell us when it will be publishing its guidance notes to help guide organisations through the practical application of the GDPR.   

We still do not know what will happen to data protection law in the UK following our exit from the EU (date to be confirmed) but the Information Commissioner has made it clear that this should not distract organisations from "the important task of compliance with GDPR by 2018."

Starting in November, we will be providing monthly updates which will focus on different elements of the GDPR and provide practical advice on complying with the new obligations. If you would like to subscribe to the monthly updates, please contact us on info@bevanbrittan.com

Insights from Jonathan Moore

Rolls-Royce to pay £652 million for bribery and corruption offences

by Jonathan Moore

Does your organisation have "adequate procedures" to prevent bribery?

ICO issues record fine of £400,000 for data breach against Talk Talk

by Jonathan Moore

Last week, the Information Commissioner's Office issued a record fine of £400,000 for a breach of the Data Protection Act 1998 by...

GP Practice fined £40,000 for data protection breach

by Jonathan Moore

A GP Practice has been fined £40,000 by the Information Commissioner's Office for disclosing a woman's confidential details to her...

US Data sharing: Welcome to the Privacy Shield

by Jonathan Moore

The US Privacy Shield has now been approved and comes into force with immediate effect.

Brexit: The impact on Data Protection

by Jonathan Moore

The General Data Protection Regulation ('GDPR') will be coming into force across the European Union on 25 May 2018. The aim of the...

Data sharing with the US: A Privacy Shield update

by Jonathan Moore

The EU and US have been working together to prepare an adequate replacement to the Safe Harbour regime.

Former employee prosecuted for taking client contact list

by Jonathan Moore

A former employee has been prosecuted and fined for taking the details of his previous employer's client.

General Data Protection Regulation: In force from May 2018

by Jonathan Moore

After four years of drafting and negotiation, the wording of the General Data Protection Regulation has now been finalised and the...

Related Insights

Use of CCTV in Care Packages in the Community

by Hannah Taylor

The use of CCTV in packages of care in the community represents a serious risk issue for commissioners, providers and care...

Authority Update 10/2/2017

by Claire Booth

Brief details of recent policy and legal developments relevant to those involved in local government work

Authority Update 21/10/16

by Claire Booth

Brief details of recent Government publications, legislation, cases and other developments relevant to those involved in local...

Keep up to date With Bevan Brittan

What interests you?

About you?