This replaces the Data Protection Act of 1998. It is a Regulation which affects all authorities which collect personal data. We collect and use personal data for a number of reasons Council is expected to have all of its members and staff trained to understand the implications of the Regulation. It is ultimately the responsibility of the Council, as the Data Controller,to ensure that things are done correctly.
The GDPR places greater emphasis on the documentation that data controllers must keep to demonstrate their accountability. Compliance with all the areas listed in this document will require organisations to review their approach to governance and how they manage data protection as a corporate issue.
Here are the necessary files that you will need to look at:
|Information Audit||Information Audit|
|Privacy Statements|| Privacy Statement
|Website Privacy Statement||Privacy Statement for website|
|General Data Protection Regulation Policy||Data Protection Policy|
|Data Protection Commitment||Data Protection Commitment|