DPDI #3 is here

They say third time’s a charm. Well, the UK’s GDPR Reform Bill, the DPDI, is back.

On 7 November King Charles gave the King’s Speech, setting out the government’s agenda and the explanatory note lists the DPDI Bill on pages 28 to 30.

It’s the third iteration, but it’s in 2023 so we’re calling it DPDI23.

Updated Side-by-Side Analysis

We’ve updated our crosswalk of UK GDPR, now against DPDI23, focussing on:

• RoPAs
• DPOs and SRIs
• DPIAs and Assessments
• DSRs

RoPAs

Here’s a challenge, spot the difference in the RoPA requirements:

There is a difference in the exemption from having to maintain RoPAs. We predict lots of argument over this, but much will depend on the phrase ‘high risk’. If that’s inherent risk, everyone will need RoPAs. If that’s residual risk, hardly anyone should need RoPAs. But that’s not what we think the intent was meant to be – though there’s precious detail to go on. Get ready for the arguments…

DPOs and SRIs

We’ve covered our thoughts on SRIs and their impact on UK Privacy in a separate blog. We see the SRI turbocharging expenditure by UK businesses on compliance, so existing DPOs needn’t worry about work drying up.

As to the tasks for an SRI compared to a DPO… they’re far more extensive and include an obligation to ensure measures are in place and maintained to ensure compliance:

Get the full side-by-side

You can download our full side-by-side on RoPAs, SRIs and DPOs, DPIAs and Assessments, and DSRs here: UK GDPR Brexit Reforms DPDI 2023. 

How Keepabl helps SRIs (and DPOs!)

If you’re likely to be made an SRI – and if you’re in charge of Privacy now – you’re going to want to be able to prove you’re fulfilling your tasks and that you’re ensuring compliance at your organisation. Keepabl’s award-winning Privacy Management Software is your Privacy framework out-of-the-box, with data mapping, rights management, risk, breach and more.

And our B2B SaaS Security will make your IT Manager very happy when you delegate to them 🙂

Book your demo now!