Clarkslegal LLP - Solicitors in Reading and London

Legal Updates

Further Guidance published by the ICO on Demonstrating Compliance with the GDPR

13 February 2018 #Data Protection

The ICO have recently published further guidance on the upcoming GDPR and the records organisations (both data controllers and processors) need to keep of their processing activities, and lawful basis for such processing.

The GDPR places a great emphasis on accountability and organisations being able to proactively demonstrate their compliance with the GDPR. The ICO guidance makes it clear that while some organisations with less than 250 staff may not need to keep as comprehensive a record as larger organisations, given that employers will be frequently processing personal data in the day to day running of the organisation, the accountability provisions will still apply. Examples of what needs to be documented are set out in the guide.

All organisations should be preparing themselves for the GDPR and the changes coming into force on 25 May. Existing records and privacy notices should be reviewed to ensure that they will still be compliant once the GDPR comes into force.

If you need any advice on preparing for the GDPR, or need a hand updating your privacy policies, please contact our data protection team.

This information is for guidance purposes only and should not be regarded as a substitute for taking legal advice. Please refer to the full General Notices on our website.

Read more articles


Data Protection team
+44 (0)118 958 5321