The General Data Protection Regulation (GDPR) has already started squashing the rampant privacy breaches that organizations and nefarious actors have taken advantage of for years. In less than one year, GDPR still remains one of the most confusing topics for people in and outside of the European Union.
However, one question is being increasingly asked: what happens if Brexit removes the U.K. from the European Union’s extensive and wide-reaching legal framework?
Does the GDPR still stay in effect? Does Parliament have a plan for the GDPR as it relates to U.K. citizens?
Common knowledge dictates the British government can create its own version of the GDPR, but that remains to be seen as organizations continue to explore the complexities of Brexit.
Businesses in the U.K. are still subject to the GDPR today, regardless of Brexit’s status. When March 29th comes, Brexit may make things excessively difficult for businesses trading within the European Union.
In order to prepare for this eventuality, businesses that hold personal data of EU citizens should continue to apply strict scrutiny to that data and comply with the legal framework that exists.
Keeping in mind that while the legal framework will still be enforced, the Information Commissioner’s Office will be outside of the EU’s European Data Protection Board, giving it no influence on the future of GDPR.
While it is virtually uncertain of how Brexit will affect the GDPR since the government cannot yet agree on the terms of the “divorce” from the EU, one thing remains certain: businesses must continue to remain vigilant as the clock ticks aggressively down to the end of the U.K.’s participation in the world’s largest economic bloc.
For more information on a no-deal Brexit, consider our free Efficiency First® Tool, How Businesses Should Prepare for a No-Deal Brexit.