Get your data protection compliance ready for a no-deal Brexit

30 September 2019

If you have customers in the EEA (the EU plus Iceland, Norway and Liechtenstein), you may have to take action before 31 October to keep it business as usual.


The Information Commissioner’s Office (ICO) has resources to help you with what you need to do, including detailed guidance and interactive checklists.


At the moment personal data flow is unrestricted because the UK is an EU member state. If the proposed EU withdrawal agreement is approved, businesses can be assured that personal data will continue to flow until 2020 while a longer-term solution can be put in place. 


However, in the event of ‘no deal’, EU law will require additional measures to be put in place by UK companies when personal data is transferred from the European Economic Area (EEA) to the UK, in order to make them lawful.


With one month to go until the UK leaves the EU, the ICO recognise that businesses and organisations are concerned.


Visit the Data protection and Brexit area of the ICO’s website for help and guidance.


You can also read Elizabeth Denham’s latest myth-busting blog which challenges some of the misconceptions about what a ‘no deal’ Brexit will mean for UK companies transferring personal data to and from the EEA.




Information provided in this news article may be subject to change. Please make note of the date of publication to ensure that you are viewing up to date information.