The Information Commissioner’s Office (ICO) today announced an open consultation on certain draft guidance relating to elements of the General Data Protection Regulation (GDPR).
What the draft GDPR guidance means for data controllers
The main area of the ICOs consultation is around contracts and liabilities between data controllers and processors. There is already a requirement in the current ‘s principle 7 relating to security measures. In the draft guidance of the GDPR however, the regulation requires much more detail when it comes to contracts. Organisations will be required to, when writing contracts, aim to set high , as well as protect the interests of their subjects.
These contracts relate directly to theprocessors that are employed to handle your , as well as when they then employ another processor to work on their behalf.
What GDPR means for data processors
A GDPR, relating to the payment of damages and fines in the event of a breach.processor is generally considered to be a third party that processes personal for another organisation. The responsibilities and liabilities the processor are given new consideration in the
You have until 10 October to submit your views in the ICOs open consultation, which will be published late 2017. So what do you think about the proposed guidance? Do you see it affecting you and your organisation?