Data protection law originally came into being as a reaction to the misuse of personal data by totalitarian regimes before and during WW2. It is intended to strike a balance between the rights of individuals to privacy and the capacity of businesses, organisations and governments to use personal data for their own purposes.
The computer and the internet have made it much easier and quicker to store, transfer and process personal data and have therefore exposed personal data to greatly increased risk of misuse, loss and theft. The EU and national governments have in response introduced a series of laws and regulations culminating in the General Data Protection Regulations (GDPR) which will become law in the UK in June 2018 regardless of the Brexit vote.
As the GDPR brings with it significant changes, including mandatory breach reporting and very heavy fines, BLM and Airmic have joined forces to develop a guide on the GDPR for risk managers. This is now available for download on the Airmic website here.