Brexit and data protection - will firms still have to comply with the new EU GDPR?
Rules around how businesses and organisations can use, collect and store your personal data are currently regulated at an EU-level under the General Data Protection Regulation (GDPR).
This was brought into force last year, and along with the Data Protection Act 2018, provides a comprehensive data protection framework.
Regardless of whether we leave the European Union with or without a deal, there would be no immediate change in the UK’s own data protection standards. This is because the Data Protection Act 2018 would remain in place and the EU Withdrawal Act would incorporate the GDPR into UK law to sit alongside it.
However, under GDPR rules, organisations are only allowed to transfer personal data outside the EU if there is a legal basis for doing so, meaning that once the UK is out of the union this will become trickier.
Most Popular
-
1
Kettering floods in pictures
-
2
Flooding hits Kettering homes as heatwave ends with torrential rain
-
3
Northamptonshire care home rated inadequate for third consecutive time
-
4
East Midlands Railway warns of delays and cancellations at Corby, Kettering and Wellingborough after person hit by train
-
5
Corby man becomes one of first to be convicted under new strangling law
The government has said firms can continue to send personal data from the UK to the EU, but our data protection regulations will have to be assessed before EU countries will be able to transfer personal data to the UK.
It is likely that our regulations will be found to be adequate (after all, we'll still be using GDPR) but discussions won't begin until after we have left the EU and the European Commission has not given a timescale for the issue to be resolved.