General Data Protection Regulation (GDPR) and early years and childcare providers

The General Data Protection Regulation (GDPR) is an EU law that came into effect in the UK on 25 May 2018. The changes will remain in place even after the UK leaves the EU in 2019. It replaces the Data Protection Act 1998.

GDPR gives individuals greater control over their personal data. As an early years and childcare provider you may already have a data protection policy in place, however, GDPR has introduced significant changes that you need to be aware of and ensure your policies and practice are compliant by 25 May 2018.

The ICO (Information Commissioners Office) has a guide to the GDPR and helpline for small organisations to assist early years and childcare providers to be compliant.

Our booklet, Herefordshire Records Management, provides guidance on the legal and recommended retention periods for records kept by early years providers.

If you are a member of a professional body, such as PLA, NDNA, Pacey, DCMA, Early Education, they will also have information, draft documents and training to support you.