What is Data Protection?
Data protection is the way privacy rights are safeguarded when personal data is collected and processed. The Courts Service has overall responsibility for ensuring compliance with data protection law in relation to personal data it controls. This responsibility is set out in the Data Protection Act 2018.
All Courts Service employees who control or process personal data are individually responsible for complying with data protection legislation and regulation.
What is the General Data Protection Regulation (GDPR)?
The General Data Protection Regulation (GDPR) was adopted in 2016 and came into force across Europe on 25 May 2018.
The GDPR replaces previous data protection rules under Directive 95/46/EC and the national Data Protection Acts 1988–2003. These have been updated by the Data Protection Act 2018 to take account of the GDPR. Together, they are known as the Data Protection Acts 1988–2018.
Main objectives of the GDPR
The GDPR standardises and strengthens the data privacy rights of all EU citizens. Its main objectives are to:
- Harmonise and simplify data protection across the digital single market.
- Put individuals in control of their personal data.
- Promote modern data protection governance and accountability.
At the heart of the GDPR is the requirement for organisations to be transparent about how they use and safeguard personal data, and to demonstrate accountability for their data processing activities.
