GDPR post-implementation - what next?

The General Data Protection Regulation (GDPR) came into force on 25th May 2018 following a two year transition period, which gave organisations time to prepare and implement the necessary changes.

In the months leading up to the deadline, there was an unprecedented level of activity in the market, which was a clear indication of the importance of data protection, the value of data to our working lives and the fear of getting things wrong.

Regardless of whether your firm has a tight grip on data protection, or is still getting its information governance into shape, one thing that we can all benefit from is a continual focus on the topic in an effort to promote and strengthen a culture of data protection.

In this article, we will briefly explore these common themes and pitfalls, as it may help to refocus our collective efforts and promote a data protection culture.

Topics covered:
• Training.
• Subject Access Requests (SARs).
• Lack of internal policies or procedures.
• Overall security.
• Data.