Introduced to keep pace with the modern digital landscape, GDPR is more extensive in scope and application than the current Data Protection Act (DPA). The Regulation
extends the data rights of individuals and requires organisations to develop clear policies and procedures to protect personal data
and adopt appropriate technical and organisational measures.