Categories
Data security GDPR

GDPR after Brexit

Data security is an important part of the DocSafe offering. We work extremely hard to ensure that any data you hold is secure. This is one of the main drivers for our client portal where email isn’t required to send and receive data or documents.

However, the impact of Brexit might cast a ripple effect on GDPR in months to come – it’s something we are watching closely.

Since we left the EU the UK has adopted GDPR into its own domestic law. So nothing very much has changed in terms of how we store and use data and everything we did to prepare and comply with the new 2018 GDPR laws is still relevant.

However, if you operate within the European Economic Area (EEA) you may still be affected by EU GDPR. This applies if you trade or work with people within the EEA. It means you need to consider how you communicate data securely, particularly personal data.

“The government has said that transfers of data from the UK to the European Economic Area (EEA) will not be restricted. However, from the end of the transition period (April 2021), unless the EU Commission makes an adequacy decision, GDPR transfer rules will apply to any data coming from the EEA into the UK. You need to consider what GDPR safeguards you can put in place to ensure that data can continue to flow into the UK.” [Source: ICO]

In the meantime it is a good idea that you log any data you might hold that falls outside of UK GDPR guidelines: notably how the data has been collected and where the subject of the data resided on 31 December 2020. You may also like to set up processes directly with EU companies who work with you – ensuring due care is being taken when sending or receiving data.

We’ll keep you posted as we get further information.