The EU’s General Data Protection Regulation, or GDPR, will take effect in May 2018. Because the UK is expected to leave the EU around spring 2019 and the GDPR is only applied to data within the EU’s scope of jurisdiction, the UK Government had the requirement to complete the areas of the GDPR which are left to Member States’ discretion. It will still be retained in UK law due to Clause 3 of the European Union Withdrawal Bill, which incorporates EU law into domestic law.
The Data Protection Bill intends to update data protection law for today’s digital age, as technology is increasingly transported into the digital world. One of the main concerns of the Data Protection Bill is to guarantee that the UK is prepared for the future after leaving the EU.
It aims to replace the Data Protection Act of 1998, support UK businesses and organisations, empower people to take control of their data, and ensure that UK data laws continue to correspond with modern, digital needs.
The Necessity for the Data Protection Bill
Deputy director-general of the Confederation of British Industry, Josh Hardie, states that the bill shows that the Government “has taken the right steps… but in the long-term, we need an ‘adequate decision’ with the EU, where the UK can prove our data laws and business environment meet EU standards.
“Unless the Brexit negotiations find another way, getting such a deal would mean first becoming a ‘third country’. In other words, we’d need to leave the EU before that process could even begin.”
He further states that becoming a third country, which are countries outside of the EU, would have an effect on growth, jobs, and prosperity in the UK. The last time there was a major data deal between both the EU and a third country was with New Zealand and the process took four years.
With the present economic uncertainty caused by Brexit, UK businesses need to stay on top of digital and technological issues. As businesses require confidence in all aspects, including from suppliers and each other, having regulations in place to ensure that data continues to be safe is vital.
Businesses in the UK have to inspire confidence from potential partners across the globe after leaving the EU, a step which the Data Protection Bill is looking to aid. As the GDPR will remain within UK law even after the UK leaves the EU, it will also be important to dispel many potential uncertainties about how secure data will be.
How the Bill Will Affect Businesses and What Steps to take
This new bill underlines how important data protection is for modern living. This importance extends towards consumers’ assurance that their data is secure and towards businesses in possession of high quantities of data. Because the Data Protection Bill has consumers’ rights to their data in mind, it’s also vital that businesses have a comprehensive strategy for data management.
Presently, consumers can trigger the ‘right to be forgotten’ and companies need to react accordingly and delete all of the information. Failure to do so can place your business in a situation that compromises your reputation and your financial gain. Fines could represent 4 percent of global turnover, or £7 million, which could place you in bankruptcy.
It will be vital for you to map all data within your business in an efficient way across the entirety of your organisation. This will ensure that you can retrieve all data at all times for deletion, and it might mean investing in dedicated software to reduce the possibility of human error.
Here at ICT Reverse, we are always happy to help you and to ensure that your business has the needed certificates that showcase your compliance to the latest regulations. Get in touch with our team to know more.