The Information Commissioner’s Office (ICO) has published its update reflecting on its GDPR experience over the past year and its upcoming priorities to stay relevant, foster innovation and maintain its position as an “influential regulator on the national and international stage”.
Supporting the public, DPOs, SMEs and other organisations
The first year of the GDPR has made individuals aware of the control they have in relation to their personal data and of the powers regulators have in connection with protecting such rights. On the flip side, organisations have been under pressure to ensure their handling of personal data is compliant under the new regime. The ICO has seen an increase in engagement from businesses, data protection officers (DPOs) and individuals. The number of contacts made via the ICO helpline, live chat and written advice services has increased by 66 per cent in the past year.
Still, the ICO has pointed out that there is “a long way to go to truly embed the GDPR and to fully understand the impact of the new legislation”. Almost half of respondents to the ICO survey confirmed they had experienced certain unexpected consequences resulting from the GDPR.
The ICO has, therefore, continued to produce comprehensive guidance, blogs, toolkits, checklists, podcasts and FAQs to support businesses, especially small organisations and sole traders where GDPR compliance may have been particularly challenging. Guidance released by the ICO has included: the Guide to the GDPR, the Guide to Law Enforcement Processing, and its interactive tools for understanding lawful bases for processing and for continued data flow in the event of a no-deal Brexit.