GDPR myth busting blogs

We have published a series of blogs that aim to bust some of the myths that have developed around the General Data Protection Regulation.

Guide to the General Data Protection Regulation 

The Guide to the General Data Protection Regulation (GDPR) explains the provisions of the GDPR to help organisations comply with its requirements. It is for those who have day-to-day responsibility for data protection.

Getting ready for the GDPR self assessment toolkit

We have created self assessment checklists for the GDPR. Use our checklists to assess your high level compliance with data protection legistlations and find out what more you need to do to make sure you are keeping people’s personal data secure.


We have produced an FAQs document answering the questions that have been asked most often in relation to the GDPR. These documents have been created for the following sectors:

Lawful basis resources

We have produced a lawful basis interactive tool to give tailored guidance on which lawful basis is likely to be most appropriate for your processing activities. It will give an rating for each lawful basis based on your answers to key questions with suggested actions and links to relevant guidance. 

We have also produced a set of presentations around the subject of lawful basis that were originally screened at the 2018 Data Protection Practitioners' Conference.

Advice service for small organisations

We have a dedicated advice line offering help to small organisations preparing for the new data protection law. 

GDPR for the boardroom

Information Commissioner, Elizabeth Denham talks about how GDPR is an issue for the boardroom.

12 steps to take now 

We have also produced a downloadable graphic that lists 12 steps to take now to prepare for the GDPR.

Personal data breach reporting

We have created resources on breach management and reporting a personal data breach to the ICO.