The General Data Protection Regulation (GDPR) will introduce tougher rules on processing personal data, and place businesses under a raft of new duties, including obligations to carry out data protection impact assessments, maintain records of the steps they take towards compliance, and report major data breaches.

Fines for non-compliance, of potentially up to 4% of annual global turnover, are far more penal than under the current regime. So, with the GDPR set to apply in a year from today (25 May 2018), now is the time for businesses to ramp up their preparations for the reforms.

Given the volume of changes the GDPR is bringing, organisations should already have begun preparing for the GDPR. However, if they have not done so they do not need to panic. They can begin the process by carrying out a data protection audit.

The GSA will be hosting a legal panel at their annual Symposium on the 28th of June featuring in depth analysis of GDPR from industry experts. The panel will take delegates beyond the current periphery and share their views around the likely next-practice on everything from Brexit and Trump, to how digital is changing both the process and the construct of contracting in sourcing.