The General Data Protection Regulation (GDPR), or the Data Protection Bill, will come into force on 25 May 2018. Despite there being less than a year for UK organisations to become compliant, the Information Commissioner’s Office (ICO) has yet to finalise its consent guidance, which it plans to release in December. As the specifics surrounding consent requirements under the GDPR are still subject to change, it can be a challenge to know what proactive measures your organisation can take now.
Nevertheless, it’s expected that the central components of what is currently known about GDPR compliance will remain relatively unchanged when the official guidance is published by the ICO. For that reason, your organisation should review how it obtains customer consent to ensure that it meets the following GDPR requirements: (more…)