GDPR is intended to update and harmonise data protection law across the EU. It comes into force on 25th May 2018 in all member states including the UK.
There are many steps that need to be taken by organisations, including (but by no means exclusively) data audits and policy reviews, the publishing of updated privacy notices for clients, customers, employees and job applicants. These need to show what data is collected and how the data is used.
Organisations need to review third party contracts to ensure that the third parties are GDPR compliant. Such third parties could include payroll providers, recruitment or consulting services in addition to many others.
Further information can be found on the Information Commissioners website at ico.org.uk
If you require any assistance please do not hesitate to call us on 0121 511 2233