Despite Brexit, GDPR will still apply to UK companies
A recent study found that 24% of UK businesses have put their preparation for GDPR on hold ahead of the country’s upcoming exit from the EU. However, the UK’s information commissioner, Elizabeth Denham, has insisted that UK companies should continue to prepare for GDPR, urging “I don’t think Brexit should mean Brexit when it comes to standards of data protection.” She points out how the UK was heavily involved in the drafting of GDPR and even in the case of a hard Brexit, meaning leaving the EU without any deal, the UK will need to maintain strict data protection regulations and comply with GDPR.
Brexit does not mean the end of data protection laws
The mistake many businesses are making is assuming that Brexit will have an influence on data protection regulations in the UK. Halting preparations for GDPR would be a mistake. Here are four reasons why organisations should continue and indeed step up their efforts to comply with GDPR.
The UK will continue to trade with European countries
Many companies in the UK trade with European businesses. Even in a case where the UK didn’t have the same data protection regulations in place as the EU, companies doing business in Europe or wish to do so must navigate their way through European legislation to ensure they are compliant. Therefore, adopting GDPR is the simplest way to ensure your organisation is always compliant with data protection regulations.
Even without GDPR, the UK will not abandon the regulations they were so heavily involved in creating
The UK was heavily involved in drafting GDPR. It therefore only makes sense that the government will want to stick with the details of the regulation. Consumers will want to know that their personal data is always safe, and that is more likely to happen if they can easily find out how their data is being shared. Businesses who have halted their preparations for GDPR should begin getting ready now.
UK companies that trade in Europe will still be required to comply with GDPR
Even in the unlikely instance that Brexit results in the UK adopting data protection laws different to GDPR, UK companies that do business in Europe or collect data from third parties based in Europe will still have to comply with GDPR.
Still at least one year of GDPR before Brexit
Britain’s two year countdown to exiting the EU was triggered in March 2017. GDPR is set to come into full force in May 2018, meaning that even if Brexit did affect data protection regulations, there would still be a full year of having to be compliant with GDPR until Brexit occurrs. Nonetheless, it is still unlikely that even in the long term, exiting the EU will have much, if any, influence on data protection laws in the UK.
VinciWorks’ data protection course
VinciWorks has recently released a new course titled “GDPR: Privacy at Work”. The customisable, GDPR ready modular course can be configured into over 1,000 individualised courses for every type of business and role in it. Learn more about our online GDPR training suite here.