The Brexit Series: Data Protection

The EU’s General Data Protection Regulation (GDPR) is set to enforce some of the most stringent data protection and management laws in the world, forcing companies to highly prioritise the management and safeguarding of consumer data. Given the amount of work that this regulation has already forced upon many companies, some UK companies are now asking whether it will apply to them, or whether lower data protection standards may be considered in the UK.

The general consensus is that the equivalent regulation to GDPR is likely to be put in place within the UK regardless of EU status – whether part of the single market or not. Even if your business is UK-based, any company trading with EU residents and consumers is likely to be required to be compliant with GDPR.

If the UK wants to trade with the Single Market, UK data protection standards would have to be equivalent to the EU’s General Data Protection Regulation framework starting in 2018. UK Information Commissioners Office

Consider these key questions in relation to your Data Protection and Brexit:

  • Do you have a plan to assure GDPR compliance no later than 2018?
  • Do you know where all the data you have in the Cloud and on premise is physically stored?
  • Do you have any Microsoft Azure, Amazon Web Services or
  • Oracle Cloud storage? Where is it located?
  • Do you know where all of your on premise and cloud data is backed up to – is any of it located outside the UK?