Does your business hold data?
Are your customer records, accounts, management information held on the Cloud?
If you’ve answered yes to these questions then you need to check what your business needs to do if the UK leaves the EU without a deal.
The Information Commissioner’s Office (ICO) has urged businesses to “prepare for all scenarios” and has dedicated guidance to help small and medium sized organisations prepare for the possibility that the UK leaves the European Union with no deal.
Personal information has been able to flow freely between organisations in the UK and European Union due to the General Data Protection Regulation (GDPR) rules. The UK Government has indicated that at the point of exit from the EU, there will be no substantive change to the rules governing personal data as GDPR will be absorbed into UK law.
The two-way free flow of personal information will not be as straightforward however if the UK leaves the EU without a withdrawal agreement that specifically provides for the continued flow of personal data. In such a case, transfers of personal information from the UK to EEA should not be affected, however data flow from EEA to the UK will be affected.
What should you do?
- check the ICO website for guidance on data protection
- check with your service provider that they have put in place arrangements to cover access to two way data flows in the event of a no-deal Brexit
- check the Business Wales Brexit Portal for advice, information and support for your business