Useful links

Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)

The Data Protection Act 2018 is the UK’s implementation of the General Data Protection Regulation (GDPR) and replaces the Data Protection Act 1998.

Rules on data protection in the EU from the European Commission. Including information on data protection in the Eu; Data transfers outside the EU; and reform of EU data protection rules.

The full text of the statutory instrument. PECR sits alongside the Data Protection Act and the GDPR.

Toolkit from the ICO to help data controllers and data processors assess high level compliance with data protection legislation.

A series of blog posts from the ICO aiming to bust some of the myths that have developed around General Data Protection Regulation compliance. Topics covered include data breach reporting, new fining powers and the issue of consent.

Guidance from the ICO for organisations that wish to send electronic marketing messages (by phone, fax, email or text), use cookies, or provide electronic communication services to the public.

Information Commissioner's Office guidance for those who have day to day responsibility for data protection. It explains the purpose and effect of each principle, gives practical examples and answers frequently asked questions. Also covers specialist topics including CCTV, employment and data sharing.

Guide from the ICO explaining the provisions of the UK GDPR and what organisations need to do to comply with its requirements. Includes ‘In brief’ summaries and checklists as well as more detailed content in key areas.

A self-assessment checklist that will help sole traders and self-employed individuals to assess their compliance with new data protection laws. It is aimed at improving understanding of data protection and making sure sole traders are keeping people’s personal data secure.

Guidance from the ICO for organisations in the public and private sectors. Addresses new applications of video surveillance technologies and how the UK GDPR and DPA 2018 applies. Technologies include: Traditional CCTV; Automatic Number Plate Recognition; Body Worn Video; Facial Recognition Technology; Drones; More commercially available technologies such as smart doorbells and dash cams. The guidance does not cover the use of CCTV in domestic settings.

EU level guidance on the General Data Protection Regulation. Produced by the Article 29 Working Party, an independent European advisory body on data protection.

Government guidance on data protection, covering: recruiting staff; managing staff records; marketing products or services; monitoring staff at work and CCTV

Guidance from law firm White & Case which outlines national GDPR compliance requirements across the European Economic Area, including the UK.

Guidance from the National Cyber Security Centre (NCSC) on the introduction of the General Data Protection Regulation (GDPR) and what it means for cyber security.

GDPR hub page from AccountingWeb which includes features and news articles.

News and features on GDPR and data protection from Computerworld

News and features on GDPR and data protection from Computing magazine