As many colleagues will be aware, the law regarding how organisations must protect individuals’ privacy and personal data, is changing. From 25 May 2018, the General Data Protection Regulation (GDPR) will apply in the UK, replacing the current Data Protection Act.

What does this mean for Warwick?

Many of us – as individuals and departments, process a significant volume of personal data on people connecting with the University. We need to have better control of the data we hold about people, and to ensure our processes are compliant with the GDPR.

An operational steering group has been established with representatives from key teams to take forward actions across central services. Heads of department have also received initial information and discussed the key issues, risks, and priority activities.

What should I do now?

In due course, all departments will need to conduct a review of the personal data they hold and their processing activities. More information and guidance to undertake this activity will be provided soon. In the meantime, all staff members should get GDPR aware – familiarise yourself with the GDPR Key Terms and principles.

What happens next?

Our GDPR webpages will be updated regularly with useful information on activities, frequently asked questions, sources of support and best practice examples on what can be done to help prepare for the GDPR. We will share key updates via insite and departmental communications.

In the meantime, if you have any further questions, please contact gdpr at warwick dot ac dot uk