From 25 May 2018 all businesses need to prepare for the General Data Protection Regulation (GDPR).

Many of the GDPR's main concepts and principles are much the same as those in the current Data Protection Act (DPA), so if you are complying properly with the current law then most of your approach to compliance will remain valid under the GDPR and can be the starting point to build from.

You should make sure that decision makers and key people in your organisation are aware that the law is changing to the GDPR. They need to appreciate the impact this is likely to have.

You should document what personal data you hold, where it came from and who you share it with. You may need to organise an information audit across the organisation or within particular business areas.

You should review your current privacy notices and put a plan in place for making any necessary changes in time for GDPR implementation.

You should designate someone to take responsibility for data protection compliance and assess where this role will sit within your organisation's structure and governance arrangements.

Don't get caught out make sure your business is prepared for May 2018......For more information on the GDPR take a look at the link HERE.