GOVERNORNORS BLOG GDPR
If you haven’t come across the GDPR (General Data Protection Regulation) then we should probably start by explaining that it’s the new EU wide data protection that comes into force on the 25th May this year. This is a significant step change from the Data Protection Act 1998 and reflects the fact that our use of information has changed a lot over the last 20 years.
What have we done so far?
OWPS is fortunate enough to have an experienced Governing Body and access to some useful external guidance, which has helped us in doing a gap analysis of our technical and organisational controls. Whilst there’s no denying that we have some changes to make, we’ve been able to evidence some good practises and are already in the process of working on the gaps.
What does this mean for you?
Hopefully not much will change on the surface, as OWPS is already a data controller and we believe that we have a good approach to our lawful basis for processing personal data. However, we’re not being complacent and so will be undertaking audits and training to ensure that OWPS will continue to be compliant. If you have any questions about our processing or controls please let us know.
The OWPS Governing Body.