On 25 May 2018 the long-awaited GDPR came into force across the EU. On the same day, the UK’s Data Protection Act 2018 also became law. While the DPA 2018 incorporates large chunks of GDPR wholesale, it also carved out some specific exemptions that UK businesses need to know about.
In our webinar on understanding the Data Protection Act 2018, VinciWorks’ GDPR experts Nick Henderson and Gary Yantin explored the newly enacted DPA 2018 and the key differences and derogations from GDPR you need to know about. These include:
- The interconnected relationship between GDPR and the DPA
- The powers and role of the ICO
- How Brexit will affect data protection law
- Using automated decision making and customer profiling
- How to process criminal offence data in the UK
- The new criminal offences in the UK
Few businesses are DPA 2018 compliant – key findings
- Only 13% of attendees said they feel they are fully compliant with the Data Protection Act 2018
- Under the DPA 2018, Lawyers can refuse subject access requests and ignore the duty to inform because this counts as a duty of confidentiality owed by a professional legal adviser
- How similar is the Data Protection Act 2018 and GDPR? The DPA and GDPR are designed to be read alongside each other. They are not the same thing, and one does not take precedence over the other.
- 33% of attendees feel they have a poor understanding of the Data Protection Act 2018
The GDPR resource page
VinciWorks’ GDPR resource page contains a host of free resources, including previous GDPR webinar recordings, policy templates, GDPR related guides and course demos.