With effect from 25th May 2018 the current European legislation relative to data protection will be superseded by the General Data Protection Regulation (GDPR). As the UK will not have completed BREXIT negotiations by this date, the GDPR will become operative within the UK as part of UK law.
Currently, the UK’s Data Protection Bill 2017 is before parliament and under consideration prior to enactment. This Bill does not seek to incorporate GDPR but proceeds on the assumption that GDPR will become part of UK law on the 25th May 2018. The substance of GDPR will be adopted by the UK government and will remain in force until the UK leaves the EU under the provisions of the European Union (Withdrawal) Act 2018 if and when this is enacted. There is no doubt that if the UK wishes to continue trading with the EU after BREXIT then legislation comparable to GDPR will need to be in place.
GDPR brings with it new concepts and definitions which will present several new challenges for businesses and community transport providers. One such challenge being the requirement not only to record, but also, to report any security breach to the Information Commissioner’s Office and also to the affected individual(s).
Here at Road XS we are well on the way in preparing for the new legislation to ensure compliance with the new legislation, and to protect our clients and their information. Going forwards we will liaise with our clients so as to ensure proper processes are in place to ensure compliance and advise accordingly about what changes will be coming your way. You are well on the way if you already use Road XS as the software includes many of the security standards which will be required to meet the new legislative standard.