Filter by Category

Brexit and the GDPR: What You Need to Know

Brexit and the GDPR

On June 23, 2016, barely two months after the EU parliament approved the General Data Protection Regulation, the United Kingdom voted to leave the European Union. In the aftermath of a decision that shocked the world, many questions were raised regarding the legality of withdrawing from the EU.

One question in particular was resounding.

Does the GDPR still apply to UK companies?

“One in four businesses in the UK say they have cancelled all preparations for the EU General Data Protection Regulation,” writes this article from Information Age. A higher percentage of companies have perhaps started preparations, but “a massive 44% of those surveyed said they didn’t think the regulation will apply to UK business after Brexit.”

Recent studies, surveys, and statistics coming from the UK show that many aren’t worried about the GDPR now that Brexit is certain. But it’s too soon—and far too careless—to write off the GDPR as a regulation you don’t have to follow.

The question, “Does the GDPR still apply to UK companies,” is broad in its scope. Perhaps it’s better to break it into two separate questions.

1. Will the GDPR apply to UK companies BEFORE Brexit finalizes?

Though the GDPR was approved in 2016, businesses have been given two years to become compliant with its requirements. This transition period officially ends on May 25, 2018. Companies must be compliant at that time or face steep fines and penalties (up to 20 million pounds or 4% of annual turnover, whichever is higher).

The UK is set to finalize their leave from the EU sometime in 2019, probably March 2019, but at the very least, that’s ten months after the GDPR becomes enforceable. Since the UK will still be a part of the EU in May 2018, UK businesses must meet all compliance requirements at that time. No exceptions.

2. Will the GDPR apply to UK companies AFTER Brexit finalizes?

Okay, you’re thinking, I only have to comply with GDPR until March 2019, and then I can stop, right? Well, not quite, for two different reasons.

Even after the UK fully exits from the EU, the GDPR applies to all companies who process or store the personal data of EU citizens. This includes companies who are located worldwide, so if your company has EU clients or processes EU citizens’ data, yes. The GDPR still applies to you, and so does its fines and penalties if you fail to comply with its requirements.

The UK government has also spoken up about the future of the GDPR after Brexit. Phil Lee, partner at Privacy, Security and Information law group in London, writes: “The UK government has signalled that, in order to provide continuing legal certainty for citizens and businesses, all existing European law will essentially be “copied and pasted” into UK law … by the time the UK leaves the EU.” This most likely includes the General Data Protection Regulation, which Lee guesses will simply be renamed as an act but encompass the GDPR’s requirements and legalese.

Furthermore, Lee encourages UK businesses to be more vigilant than ever about meeting compliance requirements, as they’ll “most likely need to comply with both UK and EU data protection law.” So while Brexit is set to bring about many changes for UK-based companies, being off the hook for full compliance isn’t one of them.

What should you be doing right now?

Prepare, prepare, prepare. The deadline for complete GDPR compliance is fast approaching, and the penalties and fines are far too steep to ignore.

To help businesses ready themselves for May 2018, we’ve put together two resources covering everything you need to know about the General Data Protection Regulation. Check them out!

 

 

Add a Comment

Allowed tags: <b><i><br>

Latest Posts


Getting the Most Out of Your GoAnywhere MFT Trial

August 14, 2018

We know it’s crucial to get a solution up and running quickly during your evaluation period. You want to know if it works, what the benefits are, and how it will impact or improve your business…


Six Signs Your Organization Needs MFT Software

August 7, 2018

As organizations increase the amount of data they transfer between users, employees, and trading partners; cybersecurity and IT teams race to keep up. One wrong move, like the lack of file…


Monitor Your GoAnywhere Analytics with HelpSystems Insite

July 26, 2018

With a brand new release of HelpSystems Insite, GoAnywhere MFT administrators can now view key GoAnywhere analytics from Insite’s single-pane-of-glass interface. This integration allows admins…


What Do Industry Professionals Think of Cloud Security? Get the 2018 Guide

June 18, 2018

Whether you’re considering a public cloud deployment or already exist in some form of hybrid environment, you’re probably trying to keep a pulse on the ever-evolving topic of cloud…


Introducing GoAnywhere MFT 5.7: New Cloud Integrations and Other Features

June 15, 2018

The latest version of our secure managed file transfer solution is live! Today GoAnywhere MFT 5.7 released with a variety of new features and updates, including brand-new Cloud Connectors,…