The Information Commissioner, Elizabeth Denham, has warned businesses that there’s no time to delay in preparing for “the biggest change to data protection law for a generation”. In a YouTube video addressing boardrooms, Ms Denham says “If your organisation can’t demonstrate that good data protection is a cornerstone of your business policy and practices, you’re leaving your organisation open to enforcement action that can damage both public reputation and bank balance. But there’s a carrot here as well as a stick: get data protection right, and you can see a real business benefit.”
Among a number of initiatives to mark one year until GDPR compliance, the Information Commissioner’s Office (ICO) has published an updated data protection self-assessment toolkit for SMEs which includes a new element to help organisations assess their progress in preparing for the GDPR (see ICO: self assessment toolkit) and has updated its “12 steps to take now” guidance (see ICO: Preparing for the General Data Protection Regulation – 12 steps to take now). The ICO has also launched its Information Rights Strategy, setting out its mission statement to increase public trust over the next four years.
Also to mark the occasion, the European Commission has issued a statement in which it says that it will be stepping up its work with member states and engaging with companies to ensure harmonisation and avoid fragmentation in implementation of the GDPR. Within the year, it will also launch an EU-wide campaign to raise awareness so that Europeans are conscious of their rights.