In our guide, we have included lots of useful information and guidance about how you and your business can prepare for GDPR.
The requirements under the GDPR are broadly similar to the Data Protection Act 1998 (DPA) but they give additional weight to the rights of the subjects of any data collection, most obviously, in terms of penalties.
If you are already operating good risk management, including being transparent about your data collection and storage and ensuring that your clients have given active consent to any processing operations not covered by one of the other grounds for lawful processing, then GDPR is not likely to be very onerous.
There's also the European Commission’s Article 29 Working Party webpage and you can find the official text of the General Data Protection Regulation at eur-lex.europa.eu.
We're publishing a series of blogs from experts, including members of our Privacy Law Committee, about the key issues and considerations you should take into account.