Data protection for SMEs is a still a hot topic following the introduction of the GDPR in 2018. With just over a month before the UK leaves the EU, many questions still remain unanswered and data protection continues to be an area of concern for many of our customers.
The ICO is the UK’s independent authority set up to uphold information rights. In a recent blog they discuss how Brexit might affect data protection regulations for UK businesses.
According to ITPRO, “while the UK is removing itself from the EU’s legal framework, it will continue to stand by the GDPR for now.”
However, Brexit will still affect data transfers between the UK and the EU.
The ICO has published guidance and tools to help businesses plan ahead, including an FAQ, broad guidance on the effects of leaving the EU without a data agreement and a six step guide.
A quick snap-shot of the guide is as follows:
- Continue to comply with GDPR regulations
- Review your data flows to identify any data received from outside of the UK
- Review your data flows to identify any data transferred outside of the UK
- If you operate across Europe, review your data flows to assess how Brexit will affect data regulations that apply to you
- Make sure the relevant people in your organisation are aware of any planned changes following Brexit
Preparation is key, and if businesses plan ahead this will reduce the risk of any issues or confusion arriving after 29th March 2019.
By now businesses should have GDPR compliance in place, and a review of current measures should not be too daunting a task.
If you’re concerned about data protection or that your business is not up to date with GDPR regulations, further advice is available from the ICO.