Britain’s decision to leave the European Union has led some data professionals to think that they will no longer be affected by EU’s General Data Protection Regulation (GDPR) due to come into force in 2018, but as John Cassidy, VP EMEA, Ground Labs says, this may not be the case.
John Cassidy, VP EMEA, Ground Labs said, “although it’s very early days, there are some misconceptions around the impact of Brexit on the many thousands of organisations responsible for storing and managing sensitive personal data. We have discussed the issue with a number of UK businesses that believe if Britain leaves the EU then the requirements of GDPR will somehow be overridden. This is entirely unfounded as the risks of ignoring the new global data regulations will remain.”
Any business that stores, transmits or processes personal information has a duty of care to ensure this sensitive information is secure and safe. Prior to Brexit, the GDPR was gaining momentum in the UK as a government driven regulation that businesses must comply with or face substantial penalties in the event of personal information being lost or stolen.
Due to the nature of the regulation, UK companies with customers within the EU will need to ensure that they are GDPR compliant if they want to continue trading with those customers.
John said, “one common misconception is that the GDPR applies to companies within Europe, but it’s actually designed to protect European consumers. This means that if you are handling even one European customer’s personal information, you are tasked to handle his information in line with the GDPR, or face the consequences.”
The Information Commissioner's Office (ICO) has made statements to indicate that once the UK leaves the EU, it is likely to introduce new regulations that would be similar in scope to those laid out by GDPR.
John said, “there is some evidence to suggest that for UK organisations, the timetable for compliance has moved forward. By leaving the EU, the demonstration of compliance could be a longer, more involved procedure for those companies affected.
“GDPR is not going away. These data regulations should not be seen as extra homework to be dodged, they are designed to prevent devastating data breaches that can cost millions and could lose you customers.”