Many organisations have data protection as their key compliance project for 2018 - the General Data Protection Regulation comes into force in May, that's not far away!

The UK Information Commissioner's Office and the main EU advisory body (the snappily titled Article 29 Working Party) have produced a substantial amount of guidance to help employers and other data controllers, and today the EU Commission has added its own slant.

While necessarily less detailed than the ICO and AW29 documents, the EU's guidance is pretty good.  The online Q&A section is particularly good for organisations that are just beginning to grapple with some of the challenges the new regime poses.

We've just finished a series of three seminars looking at the new regime - the key theme is that you have to know what data you currently have, what you do with it and why.  Only by getting to grips with what you do at the moment can you start to get a handle on what compliance means in the brave new GDPR world.