1. Data Protection Officers Resource
The data protection officer (DPO) role is not new. However, under both the EU and UK versions of the General Data Protection Regulation (GDPR), the DPO has become a legally appointed position applying to the public sector and most businesses. This in-house developed resource provides a comprehensive assessment of the role of the DPO, how it evolved, what the position entails, and information about the criteria for making an appointment. There is also a section dedicated to businesses who choose not to assign a DPO.
2. Information Rights Legislation
The term Information Rights relates to two specific areas of UK and EU law. It covers legislation governing how organisations handle personal information about us. It also covers the laws and practices that give us rights to access official information, often held by public bodies. The following section contains links to the Information Rights laws and regulations that apply to organisations operating in the UK.
3. UK Information Commissioner’s Office
The Information Commissioner's Office (ICO) is the UK's Supervisory Authority (SA) and the independent regulator responsible for upholding Information Rights. The ICO is a non-departmental public body sponsored by the Department for Digital, Culture, Media and Sport (DCMS). The following section contains several links to the ICO's website that will be helpful to organisations. A separate link is also provided to the Scottish Information Commissioner covering FOI and EIR.
4. EU Data Protection Authorities
Although the UK has now left the European Union, many businesses still have to abide by EU rules where they continue to trade in goods or services with the EU. The following section contains links to data protection webpages for a number of EU institutions and regulators.
5. Useful links & resources
A selection of links to information management and data protection associations.