European Commission
April 2016
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)
HM Government
HM Government
May 2018
The Data Protection Act 2018 is the UK’s implementation of the General Data Protection Regulation (GDPR) and replaces the Data Protection Act 1998.
European Commission
European Commission
Rules on data protection in the EU from the European Commission. Including information on data protection in the Eu; Data transfers outside the EU; and reform of EU data protection rules.
HM Government
The full text of the statutory instrument. PECR sits alongside the Data Protection Act and the GDPR.
Toolkit from the ICO to help data controllers and data processors assess high level compliance with data protection legislation.
A series of blog posts from the ICO aiming to bust some of the myths that have developed around General Data Protection Regulation compliance. Topics covered include data breach reporting, new fining powers and the issue of consent.
Guidance from the ICO for organisations that wish to send electronic marketing messages (by phone, fax, email or text), use cookies, or provide electronic communication services to the public.
Information Commissioner's Office guidance for those who have day to day responsibility for data protection. It explains the purpose and effect of each principle, gives practical examples and answers frequently asked questions. Also covers specialist topics including CCTV, employment and data sharing.
Guide from the ICO explaining the provisions of the UK GDPR and what organisations need to do to comply with its requirements. Includes ‘In brief’ summaries and checklists as well as more detailed content in key areas.
October 2018
A self-assessment checklist that will help sole traders and self-employed individuals to assess their compliance with new data protection laws. It is aimed at improving understanding of data protection and making sure sole traders are keeping people’s personal data secure.
February 2022
Guidance from the ICO for organisations in the public and private sectors. Addresses new applications of video surveillance technologies and how the UK GDPR and DPA 2018 applies. Technologies include: Traditional CCTV; Automatic Number Plate Recognition; Body Worn Video; Facial Recognition Technology; Drones; More commercially available technologies such as smart doorbells and dash cams. The guidance does not cover the use of CCTV in domestic settings.
Article 29 Working Party
EU level guidance on the General Data Protection Regulation. Produced by the Article 29 Working Party, an independent European advisory body on data protection.
HM Government
Government guidance on data protection, covering: recruiting staff; managing staff records; marketing products or services; monitoring staff at work and CCTV
National Cyber Security Centre
May 2018
Guidance from the National Cyber Security Centre (NCSC) on the introduction of the General Data Protection Regulation (GDPR) and what it means for cyber security.
Sift Media
GDPR hub page from AccountingWeb which includes features and news articles.
Incisive Business Media
News and features on GDPR and data protection from Computing magazine
IDG Communications
News and features on GDPR and data protection from Computerworld