The new General Data Protection regulations are due to be implemented from 25th May, and the Optical Confederation has issued guidelines for LOCs in response. Most of the GDPR’s main concepts and principles are much the same as those in the current Data Protection Act (DPA) and so most compliance activities will remain the same. However, there are some new elements and some enhancements.
Most of the GDPR’s main concepts and principles are much the same as those in the current Data Protection Act (DPA) and so most of your approach to compliance will remain the same. However, there are some new elements and some enhancements, so there will be some changes to be made.
Data must be:
In addition, the GDPR creates rights for individuals and it is a further responsibility for organisations to respect
these rights:
The Optical Confederation recommends the following key steps:
ABDO recommends that all practitioners read the guidance in full here. The Data Protection Bill is still going through the UK Parliament and the Information Commissioner’s Office (ICO) is still updating its guidance. This will be finalised when the bill has been passed and full details confirmed. LOCSU along with the OC will issue any further guidance as required.