- About us
- About colleges
-
Corporate services
- Corporate services
- Mental health and wellbeing
- Data Protection/GDPR
-
Employment Services - college workforce
- Employment Services - college workforce
- Employment: How we support members
- Introduction & Employment Helpline
- Absence & Sickness Management
- Contracts and T&Cs
- Disciplinary, Capability & Grievance
- Employment Briefings Library
- Equality, Diversity & Inclusion
- General Employee Relations & HR Issues
- Holiday/annual leave related
- Industrial Relations
- ONS reclassification related guidance
- Pay & Pensions
- Recruitment
- Redundancy, Restructuring & TUPE
- Safeguarding/Prevent
- Workforce Benchmarking, Surveys & Research
- Governance
-
Projects
- Projects
- Get Involved!
- Projects: How we support members
- Resources
- The 5Rs Approach to GCSE Maths Resits
- Apprenticeship Workforce Development (AWD) Programme
- Creating a Greener London – Sustainable Construction Skills
- Erasmus+ EXPECT Project
- Digital Roles Across Non-digital Industries
- T Level and T Level Foundation Year Provider Support Programme
- The Valuing Enrichment Project
- Higher and Extended Project Qualifications
- OfS - Higher Education Social Prescribing Project
- Pears Foundation Youth Social Action Programme: Phase 2
- T Level Professional Development (TLPD) Offer
- T Level Curriculum Macro-Sequencing
- Contact the Projects Team
- DfE Multiply Capability Support Programme
- Creative Arts in FE 2024 – developing student voice through creativity
- Resources/Guidance
- Sustainability & Climate Action Hub
- Partnerships
- Honours Nomination
- Brexit
- Recruitment and consultancy
-
Events and training
- Events and training
- Events
- T Level & T Level Foundation Year Events
- Events and training: How we support members
- Network Meetings
- Annual Conference & Exhibition 2023 Resources
- Previous Events & Webinars
- In-House Training
- Senior Leadership Development Programme
- Introducing AoC's Early Career and Experienced Middle Managers Programme
- Sponsorship & Exhibition Opportunities
- Funding and finance
-
Policy
- Policy
- Meet the Policy Team
- Policy: How we support members
- Policy Areas
- Policy Briefings
- Submissions
- Policy Papers & Reports
- AoC Strategy Groups
-
AoC Reference Groups
- AoC Reference Groups
- Adults (inc. ESOL) Reference Group
- Apprenticeship Reference Group
- Technology Reference Group
- HE Reference Group
- 14-16 Reference Group
- Mental Health Reference Group
- 16-18 Reference Group
- SEND Reference Group
- WorldSkills Reference Group
- HR Reference Group
- Sustainability & Climate Change Reference Group
- EDI Reference Group
- Opportunity England
- Research unit
-
News, campaigns and parliament
- News, campaigns and parliament
- General and mayoral election resources
- Comms advice and resources for colleges
- AoC Newsroom
- AoC Blogs
- Work in Parliament
- AoC Campaigns
- Briefings
- Contact the Communications, Media, Marketing and Research Team
- Communications, media, marketing and research: How we support members
-
Equality, diversity and inclusion
- Equality, diversity and inclusion
- Equality, diversity and inclusion blogs
- AoC’s Equity, Diversity and Inclusion Charter
- Diversity in Leadership
- Black FE Leadership Group and AoC partnership agreement
- AoC's Equity Exchange
- Equality, diversity and inclusion: how we support members
- Equality, diversity and inclusion case studies
- Home
- News, campaigns and parliament
- AoC Newsroom
- GDPR – what has happened in a year?
GDPR – what has happened in a year?
Introduction
On the 30th May 2019 the Information Commissioner’s Office (ICO) launched a new publication entitled GDPR One Year On. The report highlights what has happened since the General Data Protection Regulation (GDPR) (2018/679) and Data Protection Act 2018 have come into force. The ICO saw the introduction of this legislation as a seismic shift in privacy and information rights. It certainly has made us radically alter the way we have had to consider how we now manage the personal data of others.
So what has been the impact of these changes? How have individuals rights been effected by these changes? What considerations do we have now have to make when dealing with the personal data of others?
Increased Trust
Research conducted in July 2018 has indicated that there is increased trust and confidence in companies and organisation storing and using personal data. 34% of those involved indicated that they consider organisations are more trustworthy when dealing with their personal data compared to 21% the previous years. Coupled with this 64% of Data Protection Officer’s stated they either agreed or strongly agreed with the statement “That they have seen an increase in customers and service users exercising their information rights since the inception of GDPR”. The ICO’s own Your Data Matters campaign has led to over 2.5 million more individuals accessing their website.
Increased Enquiries
At the same time the ICO has seen a huge increase in the nature and volume of calls it received with the helpline, live chat and written advice services receiving over 470,000 contacts, an increase of 66% over the previous year.
Children’s Data
One area of special concern to the ICO is that of children’s personal data. They have recently undertaken a consultation on Age Appropriate Design and have put forward 16 standards for the age-appropriate design for services likely to be accessed by children. Whilst most of these relate to the provision of on-line services the same consideration can be equally applied to ensure that the off-line capture of children’s personal data is both suitable and compliant with the regulations. The ICO will be publishing the findings of the consultation in due course.
Support and Guidance
The ICO are also keen to enforce that the provision of support and guidance is a key part of their role and will act in the public interest when organisations wilfully of negligently break the law. The ICO are keen to reassure organisations that this is not simply through the application of large fines but that there is a process in place for the provision of warnings and reprimands before such drastic action is taken.
Personal Data Breaches
This change in legislation has also seen a vast increase in the number of reported cases being received by the ICO, rising from 3,300 personal data breach (PDB) reports in 2017/18 to 14,000 PDB’s received between 25th May 2018 and 1st May 2019. Of these 12,000 cases have now been closed of which only 17.5% required any further action and less than 0.5% led to either an improvement plan or a financial penalty. A similar rise in the number of concerns received has also been seen, almost doubling from 21,000 to 41,000 for the corresponding period. A majority of these (38%) were complaints regarding Subject Access Request’s.
So all in all its been a busy year for the ICO as well as for those organisations trying to ensure compliance with this new legislation.
The AoC are running a series of ‘GDPR in FE Workshops’ throughout 2019/20, please contact training@aoc.co.uk for more information. Alternatively, feel free to book directly for the following dates:
