EC

Elizabeth Care Consulting Ltd

Free resource · Data protection
Clarity. Confidence. Better care.
Free readiness check · deadline 19 June 2026

The new data complaints deadline: are you ready?

From 19 June 2026, every care provider must have a formal process for handling data protection complaints made directly to them. This 2-minute check shows you what you need in place — and where your gaps are.

4
days until the 19 June deadline

How to use this

This is a plain-English explainer and readiness check, not legal advice. Tick what you already have in place, and you'll get back a clear picture of what's left to sort before the deadline. Always refer to the current ICO guidance for the detail.

What's changed

A new duty to handle data complaints

The Data (Use and Access) Act 2025 (section 103) adds a new section 164A to the Data Protection Act 2018, in force from 19 June 2026. It applies to all data controllers, with no exemptions — which includes every care provider.

From that date, people can complain directly to you about how you handle their personal data, and they must raise it with you before they can take it to the ICO. You then have to deal with it properly: on the record, acknowledged within set timeframes, and answered without undue delay. Most small services have no formal process for this — and from the 19th, that's a gap an inspector, or a complainant, can point at.

2-minute readiness check

Tick what you already have in place

Be honest — it's just for you. Tick the things that are genuinely set up and working today.

A clear, easy way for people to complain to you about how you handle their data — a named contact and route.
You accept a complaint however it arrives — email, phone, letter, in person, even social media.
You acknowledge a complaint within 30 days of receiving it.
You investigate complaints reasonably and proportionately, without undue delay.
You keep the person informed of progress and any delays.
You give the outcome without undue delay, and in writing.
You keep a register or log of complaints — received, acknowledged, investigated, outcome.
You have acknowledgment and response templates ready to use.
Your privacy notice tells people how to complain to you.
Your staff know the process and pass complaints to the right person promptly.
Tick the ones that apply, then see where you stand.