On 25th May 2018, the Data Protection Act will be changing and replaced by the General Data Protection Regulations (GDPR).
The General Data Protection Regulations will give you more rights relating to the processing of your personal information by any organisation including the Council. The rights are:
- The right to be informed – This is the right to be told how your information will be processed
- The right of access – This is right to ask the Council and any other organisation for copies of your information (also known as a Subject Access Request)
- The right to rectification – This is the right to ask for your personal information rectified if it is inaccurate or incomplete
- The right to erasure – This is the right to ask the Council to delete or remove your personal information
- The right to restrict processing – This is the right to ask the Council to block or restrict processing of your personal information
- The right to data portability – This is the right to ask for your personal information to be transferred elsewhere. For example, if you move to another Council area.
- The right to object – This is the right to ask us to stop certain types of processing of your personal information
- Rights related to automated decision making/profiling – This is the right to ask us to review any automated decisions made about you, for example, decisions made by a computer system. A good example of this would be where a Council computer system decides that you are not eligible to bid for a Council Property.
What steps are the Council taking?
The Council are currently putting in place a number of steps to ensure compliance with the new Data Protection law by May 2018, including the following:
- establishment of a Council wide GDPR Working Group
- working in conjunction with our insurers, Zurich, who will provide quality assurance around our compliance with the new legislation
- feeding into national consultations around proposed changes in the legislation
- inviting the Information Commissioner’s Office to local and regional groups
- carrying out a Council-wide audit in relation to GDPR compliance so that our policies, systems and processes are compliant
More details will be available closer to the time of the new legislation being implemented, however, if you have any questions in the meantime, please contact us.