0370 270 6000

already registered?

Please sign in with your existing account details.

need to register?

Register to access exclusive content, sign up to receive our updates and personalise your experience on brownejacobson.com.

Privacy statement - Terms and conditions

the Data Protection Act 2018 received Royal Assent on 23 May 2018

24 May 2018

Only limited sections of the Act will take effect immediately. Our blog provides a summary of the key information you need to be aware of now.

Data Protection Act 2018

The Data Protection Bill received Royal Assent on 23rd May 2018 in advance of the imminent application of the GDPR on Friday 25 May. 

The purpose of the Data Protection Act 2018 is to physically apply the General Data Protection Regulation (GDPR) into UK law and to replace provisions in the Data Protection Act 1998. The 2018 Act provides clarity on some of the definitions and requirements of the GDPR as applicable to organisations including educational settings. It also sets out the UK’s position on some of the derogations that the EU permitted Member States to make their own determinations on and sets out clearly the role of the Information Commissioner as the supervisory body. 

Not all Sections of the Act are in force with immediate effect, and the Secretary of State has the power to determine by Regulations when other sections will come into force. Currently the overview section and sections relating to terms and interpretation are the ones which have been given immediate effect. The 2018 Act also enables the Secretary of State to introduce Regulations on additional specific matters such as further exemptions on the restriction of data subject’s rights and charges to be paid to the Information Commissioner.

If you need support with implementing GDPR in your school or academy, we have a range of innovative solutions including our GDPR toolkit and DPO helpline. Contact us today to discuss your requirements.

mailing list sign up

Select which mailings you would like to receive from us.

Sign up