General Data Protection Regulations

GDPR Key Facts:

  • The established principles of data privacy remain relevant under GDPR which builds on the existing Data Protection Act 199
  • Came into force: 25th May 2018

Scottish Procurement issued the Scottish Procurement Policy Note (SPPN)  SPPN 2/2018 on 20th April 2018 about the changes to UK Data Protection legislation.  The SPPN includes some background information and also some information about how this impacts on public procurement.

Quickfire Guide

Quickfire Guide

Scottish Procurement Policy Note Key Messages

The key messages of the SPPN are:

  • New data protection legislation (the General Data Protection Regulations, commonly known as GDPR) come into force on 25 May 2018.
  • Organisations will have to consider the impact on their procurement processes and new and existing contracts to ensure these are compliant with the new legislation as it comes into force.
  • This SPPN provides general information only about the change and highlights specific GDPR guidance about contracts issued by the Information Commissioner’s Office (ICO).

The SPPN also includes some additional information for organisations including, for example, specific actions required by organisations and The Law Enforcement Directive (LED).