Get your data protection compliance ready for a no-deal Brexit
30 September 2019
If you have customers in the EEA (the EU plus Iceland, Norway and Liechtenstein), you may have to take action before 31 October to keep it business as usual.
The Information Commissioner’s Office (ICO) has resources to help you with what you need to do, including detailed guidance and interactive checklists.
At the moment personal data flow is unrestricted because the UK is an EU member state. If the proposed EU withdrawal agreement is approved, businesses can be assured that personal data will continue to flow until 2020 while a longer-term solution can be put in place.
However, in the event of ‘no deal’, EU law will require additional measures to be put in place by UK companies when personal data is transferred from the European Economic Area (EEA) to the UK, in order to make them lawful.
With one month to go until the UK leaves the EU, the ICO recognise that businesses and organisations are concerned.
Visit the Data protection and Brexit area of the ICO’s website for help and guidance.
You can also read Elizabeth Denham’s latest myth-busting blog which challenges some of the misconceptions about what a ‘no deal’ Brexit will mean for UK companies transferring personal data to and from the EEA.
Information provided in this news article may be subject to change. Please make note of the date of publication to ensure that you are viewing up to date information. Download the CIPP's Payroll: Need to know - your guide to payroll legislation and reporting for the most up to date data.