Is Brexit the End of GDPR?

21 Jan, 2021

I’m sure we all remember the countdown to 25th May 2018… GDPR day.  But now the Brexit transition period has ended, was it all a waste of our time?

Just to recap, the General Data Protection Regulation (GDPR) replaced the old 1998 Data Protection Act and was brought in to ensure consistency in data security law across all EU members. Failure to comply could result in hefty fines from the Information Commissioner’s Office (ICO).

So, if it was a law for EU members, and we’ve left the EU, is this even relevant anymore? The short answer is yes.

Whilst the EU GDPR no longer applies to the UK, it has been incorporated into UK data protection law as the UK GDPR. Therefore, if you operate inside the UK, little has changed in the core data principles, rights and obligations.

Discussions are ongoing between the EU Data Privacy Board and the UK ICO on how data can continue to transfer to and from the UK and EU members. The UK is applying for an ‘adequacy’ decision. If successful, this will mean that personal data can be transferred without additional safeguards being required. In the meantime, the UK Government has agreed as part of the exit process that data can continue to transfer without restrictions.

For organisations that operate in Europe, the EU GDPR will still apply directly to you, and any data received from organisations within Europe will need to be in line with the UK GDPR.

The ICO will remain the independent supervisory body regarding the UK’s data protection legislation, and will continue to work closely with the European supervisory authorities.

The ICO has a wealth of information available to organisations, including webinars, FAQs and guidance notes.

While these discussions continue to take place, for most organisations the most important task is to ensure you know what data you are collecting and why, where you are storing it, how long it is being kept, who has access and who you are sharing it with.

How can ISO 27001 help with GDPR?

ISO 27001 is the internationally recognised Information Security Management System standard, which provides a great starting point for meeting the technical and organisational requirements of the UK GDPR to keep data safe.

ISO Quality Services Ltd are proud to specialise in the implementation and certification of the internationally recognised ISO and BS EN Management Standards.
