DVLA Rule Comes into Effect this August

DVLA Rule Comes into Effect this August

The DVLA has announced the new GDPR regulation which will apply to all private and public sector organisations processing Personal Data and receiving driver information from the DVLA. This means that over 2 million drivers will be required to grant new driving licence data permission to their fleet operator. The rule comes into effect on the 25th of August 2018.

Employers and fleet managers are legally obliged to check a drivers’ entitlement to drive; therefore the August deadline puts them under enormous pressure. To help with this situation, ADLV member companies are contacting their customers to advise on the new compliance requirements, particularly on the implications of the change and how they can ensure they obey the new DVLA requirements.

“This is a huge shift for the DVLA and indeed the driving licence checking industry as a whole. From a technical and compliance perspective, all employers and third parties who are responsible for licence checking will need to be able to demonstrate that the new fair processing declaration has been signed by the driver. This will need to be stored in a way that can be audited by the DVLA to ensure compliance with the new GDPR legislation. This is good news for ADLV members as we are all ISO 27001 accredited – and this simply raises the bar for security and data processing within the industry. Any companies that were not data-secure will now have to adhere to these new standards, which is good for data protection and the licence checking industry as a whole,” explained Kevin Curtis, Technical Director of the ADLV.

Malcolm Maycock, Chair of the ADLV also commented on the changes: “The security of data and compliance in accordance with legislation, whether it is Data Protection regulations or current work-related road safety legislation, is a core business function of ADLV members. Whilst this is a mammoth task in a short time frame, our members are committed to ensure that all processing is correct and complies fully with the new GDPR legislation. The good news is that the new Data Processing Declarations will continue to remain valid for 3 years from the date permission is granted.”

Share this post