Next year will see the introduction of the new European personal data regulations to keep pace with the modern digital landscape, but is your business ready for the changes?

In May next year, the Data Protection Act (DPA) will be replaced by the EU’s General Data Protection Regulation (GDPR), which covers much more than the previous act and comes with much tougher punishments for those who fail to comply with the new rules around the storage and handling of personal data. Consumers will be able to ask for personal data, or information posted when they were children, to be deleted.

The Data Protection Act was originally launched back in the 1990s, at a time when only the largest companies had the means to collect and store significant amounts of data. Fast forward to the modern day, and companies of all shapes and sizes are required to collect and store data, whether it be online or offline. Thousands of SME’s rely on data for everyday use – used in everything from sales and finance to marketing and digital.

According to, “GDPR is more extensive in scope and application than the current Data Protection Act (DPA). The Regulation extends the data rights of individuals, and requires organisations to develop clear policies and procedures to protect personal data, and adopt appropriate technical and organisational measures”.

The GDPR will apply in the UK from 25 May 2018. For more information on how to prepare for the new legislation, there’s some great articles on the BBC website, including this one: