Its policies look at areas including accountability, governance, data protection officers, processing data be it sensitive or otherwise and details lawful basis for processing personal data.
The RGA has confirmed that the policies will be constantly reviewed and updated in order to keep RGA members abreast of any regulatory developments which may occur.
GDPR, created by the European Parliament, the Council of the European Union and the European Commission will come into force on 25 May and has the aim of increasing security and bringing data protection standards under one set of regulations.
Speaking about the decision to publish the policies, Clive Hawkswood, the RGA’s Chief Executive, said: “the principles which underpin the GDPR reflect the importance of safeguarding personal data and ensuring that it is used only where it is appropriate to do so.
“Unfortunately, there remains a good deal of uncertainty about the GDPR’s precise interpretation and application. This guidance is designed to help our sector navigate its way through the requirements as they are presently understood."
In the wake of the introduction, the online industry has undergone a significant realignment of its current personal data structures, with individuals accessing websites being asked to provide consent to revised terms and conditions reflecting these new data protection standards.
Hawkswood added: “It has had input from a wide range of stakeholders and we are heavily indebted to the ICO for the constructive and supportive advice it has provided at different stages of the process.”
