What the draft GDPR guidance means for data controllers
The main area of the ICOs consultation is around contracts and liabilities between data controllers and processors. There is already a requirement in the current Data Protection Act‘s principle 7 relating to security measures. In the draft guidance of the GDPR however, the regulation requires much more detail when it comes to contracts. Organisations will be required to, when writing contracts, aim to set high standards, as well as protect the interests of their data subjects.
These contracts relate directly to the data processors that are employed to handle your data, as well as when they then employ another processor to work on their behalf.
What GDPR means for data processors
A GDPR, relating to the payment of damages and fines in the event of a breach.processor is generally considered to be a third party that processes personal for another organisation. The responsibilities and liabilities the processor are given new consideration in the
You have until 10 October to submit your views in the ICOs open consultation, which will be published late 2017. So what do you think about the proposed guidance? Do you see it affecting you and your organisation?