Data Protection Act 2018
The Data Protection Act 2018, which enshrines the General Data Protection Regulation (GDPR) in British law, received royal assent on the 23 May 2018.
The EU’s GDPR legislation, which came into force on the 25 May 2018, has brought in stricter standards for when and how organisations can contact people or process and store their data than are currently required under the old Data Protection Act 1998. It will also allow the Information Commissioner’s Office to levy fines of up to £17m or 4% of global turnover on organisations that breach the rules.
The new act brings the GDPR requirements into UK law and also extends it to cover legal areas for which the EU does not have oversight. It will remain in force even after the UK leaves the EU.
The new act will not only make the UK’s data protection laws fit for the digital age in which an ever increasing amount of data is being processed, it will empower people to take control of their data, support organisations through the change and ensure that the UK is prepared for the future after we have left the EU.
Find out more about the full Data Protection Act 2018 and the enshrined GDPR
Rate this page
Give us your feedback on this page!