By Sandra Madigan, Law Content Manager HR, CIPD

As you work through your organisation assessments in readiness for the General Data Protection Regulation (GDPR), take stock and consider the Data Protection Bill, which came out this month . The Bill aims to uphold cyber security and privacy of information, and introduces new offences such as altering, destroying or concealing information requested by an individual under a subject access request (SAR). SARs are one of the processes that you need to audit in preparation for the GDPR which comes into force on May 25, 2018, and the Bill highlights further the need to review and update your policies, procedures and processes in line with the GDPR.

If you haven’t already completed your organisation audit and started prepping for GDPR based on your results, now is the time to start doing so.

Have you, for example:

• Identified potential compliance problems and recorded these on the organisation’s risk register?
• Chosen and communicated on who will be your Data Protection lead?
• Reviewed how you seek, record and manage consent?
• Considered whether you will need to conduct Data Protection Impact Assessments?
• Reviewed how you will assess and act on any breaches?

If you haven’t already started working on these action points, or you are not sure how to, book your place on CIPD Law on Tour , which is coming to a place near you in October 2017. We will be discussing the GDPR and many other topics.

Looking forward to seeing you there.