From 25 May 2018 the data protection regulations are changing as the new General Data Protection Regulation (GDPR) will be implemented.
The GDPR applies to all EEA countries, and every individual and organisation trading with them, regardless of size. Although the UK is to leave the EU a data protection bill will incorporate all of the GDPR as well as introducing new provisions to enable the UK to continue to be GDPR compliant.
Whilst the data protection rules are being refreshed they are not being fully rewritten. The new regulations build on the current data protection act by adding enhancements in areas where the ways in which we work and the technology that we use differ from that of twenty years ago.
The ICO has a range of resources on their website in order to support you with the implementation of the GDPR and these can be found here. Please be aware that this guidance is not yet finalised, and may change, as the ICO are continually updating this section of their website as new developments are made.
We would recommend that you review the website and in particular the GDPR: 12 Steps to take now document, as failure to comply with the regulations can bring significant penalties of 20 million Euros or 4% of worldwide turnover.