ICO on GDPR Brexit impact

Data protection and Brexit – ICO advice for organisations

Business, especially SMEs are being prepared for a possible no-deal Brexit.

Even though the basis on which the UK will leave the EU has yet to be decided, the Government has made it clear that the General Data Protection Regulation (GDPR) will be absorbed into UK law at the point of exit, so there will be no substantive change to the rules that most organisations need to follow.

But for those companies that rely on the transfers of personal data between the UK and the European Economic Area (EEA) may be affected. The GDPR allows for free flow of personal information between companies in the UK and the European union, but if the UK leaves the EU without a withdrawal agreement that specifically provides for the continued flow of personal data, it will no longer be possible to exchange personal information.

In this event, the Government has already made clear its intention to permit data to flow from the UK to EEA countries. But transfers of personal information from the EEA to the UK will be affected.

ICO guidance

The ICO has published guidance and practical tools to help organisations understand the implications and help them plan ahead. These comprise of:

Do you require assistance with GDPR and Data Protection Act 2018 compliance? Aphaia provides both GDPR adaptation consultancy services, including data protection impact assessment, and Data Protection Officer outsourcing.

Leave a Comment

(0 Comments)

Your email address will not be published. Required fields are marked *