Whether you voted to Leave or Remain, what we can all agree on is that the past three years have thrown up constant surprises. Whether it’s the Irish question in flux once again, law surpassing the government US style or opposition leaders refusing a General Election, Brexit hits the headlines again and again. So, it was both no surprise and yet still a surprise to find out that Brexit could have a negative impact on how our data is processed.

We are over a year into the new GDPR regulation, an EU top down initiative that all member states needed to comply with. If you are one of the millions of businesses that put the effort in to make sure that your business and processes were fully compliant with the GDPR, it can be tempting to think that you have all the bases covered when Brexit rolls around.

The good news is, if you have no customers or contacts in the EEA (that’s the EU 27 plus Iceland, Norway and Lichtenstein) then your business remains compliant with UK GDPR.

However, those of us with customers or contacts in the EEA will need to get our heads around the new concept (to us anyway!) of ‘cross-border’ personal data.

As a country currently within the EU, all data flows freely, its security underpinned by GDPR throughout. Yet when we leave the EU, our GDPR turns into UK GDPR, and as a third country will no longer be considered adequate by the EU. So if an EU country wanted to either export or import UK data, a transborder data agreement would need to be created and adhered to.

While this may sound unnecessarily complicated, the good news is that for most GDPR compliant small and medium businesses the data protection rules already in place will largely stay the same. Extra steps may need to be taken to ensure a free flow of data through a transborder data agreement, and those doing a significant amount of work with an EU country may wish to consider an EEA delegate, but the work needed is reasonably small compared to businesses that trade physical goods. As ever, planning is essential and we found this interactive tool useful.

If you are still working on getting your business GDPR compliant, we offer a GDPR consultancy service with a compliance pack, you can find out more details on our website or get in touch to see how we can help.

Here are some other related posts you may be interested in reading:
Will Brexit impact on UK recycling?
Business Confidence and Brexit
Brexit planning: points to consider
Countdown to GDPR