The General Data Protection Regulation (GDPR) will be implemented "in full" in the UK, and a comparative law will remain in effect after the UK has left the European Union, as confirmed at a recent parliamentary committee.
The news was delivered by the Minister of State for Digital & Culture, Matt Hancock, at the House of Lords EU Home Affairs Sub-Committee on February 1. He emphasised the need for "harmonisation" between the UKs and EUs framework of data protection laws, to allow the continued flow of data between them.
"We seek not only unhindered data flows but for that to happen in an uninterrupted way. That is to say that the morning that we have left the European Union it is very important that our data rules work so that there is an uninterrupted system in place," said Hancock.
The minister added that he does not "foresee any great changes" being made to UK data protection laws once the UK is out of the EU, describing GDPR as a "decent piece of legislation".
Hancock noted that the need for the UK to have a high quality data protection regime was not just useful to ensure that personal data can continue to flow freely between the UK and EU countries, but for future agreements with the US, too.
"Our goals are clear which is that we want an arrangement that provides for the unhindered exchange of data within an appropriate data protection environment," he said.
Hancock also took the opportunity to highlight that some businesses have been slow to take on board new best practices that will be needed to comply with GDPR.
"Companies that handle data appropriately, have good cybersecurity arrangements and respect the privacy of their customers or those they hold the data of shouldn't find this much of a burden, but it will require some companies that don't have best practice to come up to speed ... I don’t think that is a bad thing given how increasingly important data is in corporate activity."
What is GDPR and how will it affect me?
The GDPR has been created to strengthen the data protection rights for EU individuals and this new legislation comes into force May 25, 2018, and will affect any European member state business offering goods or services, as well as any company that does any form of trade with customers within the EU. The reformed laws aim to provide more consistent, comprehensive protection of personal data rights.
To learn more, read General Data Protection: A practical guide for businesses.
This white paper has been created for Blue Sheep in cojucntion with a specialist data protection consultancy.