ICO outlines GDPR guidance plans for 2017

The Information Commissioner’s Office (ICO) has revealed more details of how it plans to share its guidance on the EU General Data Protection Regulation (GDPR).

UK organisations will be required to comply with the GDPR from 25 May 2018 and it’s expected that the new UK data protection legislation that will apply after the UK leaves the EU will align with the GDPR.

The ICO has published an update setting out what guidance organisations can expect. Speaking in a blog, Jo Pedder, interim head of policy delivery at the ICO, described the guidance on what organisations could expect as “essential reading” because it would help to plan what areas needed to be addressed in 2017.

“The update explains the work we will be contributing in the coming year as part of the Article 29 Working Party, as well as the guidance and policy development we have opted to prioritise ourselves,” said Pedder.

“As the UK member of the Article 29 Working Party, we are inputting into this process and taking a lead role on a number of priority guidelines aimed at organisations.”

Just before Christmas the Article 29 Working Party published guidelines on the role of the Data Protection Officer, the new right of data portability and how to identify an organisation’s main establishment and lead supervisory authority. They are open to comment until the end of January.

The ICO has added links to the guidelines into the Overview and is considering what, if any, key messages need to be pulled out and explained in more detail.

Related reading