Emily Keaney, the ICO’s Deputy Commissioner reassured the Westminster e-Forum on 15 January by saying that organisations that are already compliant with the UK GDPR do not need to do much. But there are aspects in the Data (Use and Access) Act (DUAA) that companies may wish to take onboard, as they make life easier for data controllers.

“We are now updating all our guidance, starting with areas where the biggest changes are. We have a guidance pipeline on our website. We are holding many consultations on key topics – this helps us to produce practical guidance that makes sense to stakeholders. We have also added health warnings to pages on our website to say whether there are updates,” Keaney said.