As well as GDPR launching back in May 2018, there was also an updated Data Protection Act 2018 that was introduced alongside this. You may think, well aren’t these the same thing? As explained by the ICO, there are a few extra points that the Data Protection Act 2018 takes into consideration. Let us walk you through it.
How does the Data Protection Act 2018 differ from GDPR?
The Act is a full data protection system, that includes GDPR. This means it also covers topics such as general data, law enforcement data and national security data. It is an umbrella term, and the DPA is not limited to the UK GDPR provisions.
How does this affect businesses?
This new Data Protection Act replaces the older 1998 version, and is an upgrade of this. All organisations should ensure they are processing data in accordance to the latest regulation. It ensures businesses can legally exchange information both within the EU and internationally, in a safe manner.
Is it important to improve cyber security?
Data protection does require organisations to protect their internal IT systems from interference by hackers. This falls under the 7 principles of GDPR – personal data should be processed confidentially and lawfully. The DPA Act also requires organisations to evaluate the risks of processing personal data, and ensure measures are put in place to reduce this further. Cyber security is something that is often included within this.
Key elements of the Data Protection Act 2018
In summary, the DPA 2018 is split into several categories: general data processing, law enforcement processing, intelligent services processing, and regulation/enforcement. The GOV UK website goes into further details for each of these categories. The main thing to be aware of is that this new data protection act is very much focused on the new digital age. Modernising the old 1998 version in keeping with not only the digital economy, but the digital society.