pogonici - Fotolia
Whatever happens with Brexit GDPR will continue
Guidance to SMEs from the ICO has stressed that after we leave the EU the need to keep an eye on data regulations will continue
Those firms that might have thought that leaving the EU or exiting without a deal meant that the foot could be taken off the GDPR pedal have been told to remain compliant with the data regulations.
GDPR has been a theme in the channel for the first half of the year and is set to make a comeback in 2019 with many expecting the first fines to be handed out to those that fall foul of the data protection rules.
Just in case anyone was in doubt about the ongoing need to keep following GDPR rules the Information Commissioner Elizabeth Denham has issued guidance, particularly SMEs on the topic.
The ICO has issued a 'Six Steps to Take' guide which makes it clear that ignoring GDPR is not an option, with the first point stating: "Continue to apply GDPR standards and follow current ICO guidance."
Denham then used a blog post to stress that choosing to ignore GDPR was not an option because regardless of what happened with Europe there had already been indications that GDPR was here to stay.
"The UK is committed to the high standards of data protection set out in the General Data Protection Regulation, and the government plans to incorporate the GDPR into UK law when we leave. Therefore, your best preparation for the future UK regime is to ensure that you are effectively complying with the GDPR now," she wrote.
There was an acknowledgement that there will be some changes as we leave Europe but the main one, around the idea that GDPR remains valid, was not something that would change.
"The Data Protection Act 2018 will remain in place. The government intends to bring the GDPR directly into UK law on exit, to sit alongside it. There will be some technical adjustments to the UK version of the GDPR so that it works in a UK - only context – for example, amending provisions referring to EU law and enforcement cooperation," stated Denham.
"Most GDPR requirements will remain the same. This means the first and most important step is to ensure you comply with GDPR principles, rights and obligations. Our current guidance remains relevant and can help you comply, and we will continue to update it regularly," she added.
Security and data management players have already indicated that the channel should be on the look out for GDPR related opportunities next year as the first fines from the ICO are expected to be handed out for those that have failed to meet the regulations.