The deadline for all stakeholders to comply with the Data Protection Act (DPA) has been moved from October 2024 to January 2025.
The DPA was initially assented to by Parliament in August 2018 and became enforceable in October 2021, with the government giving stakeholders a one-year grace period to comply. Since then, that grace period has been extended almost every year.
The act defines what constitutes personal data and outlines the rights and obligations of parties involved in the processing of personal data, including the data subject, data controller and data processor.
Further, the Data Protection Act establishes the Information and Data Protection Commission, which will ensure the effective application of the Data Protection Act after its commencement.
In July, the amended DPA bill was passed by parliament with some amendments made to the original Act.