Sign up to our newsletter for weekly news, info and tips from our in-house experts:
The Act controls how personal information is used by organisations, businesses or the Government and it is designed to make sure that people’s personal information is protected — no matter where it is sent, processed or stored, even outside the EU.
According to the UK’s independent authority set up to uphold information rights, the Information Commissioner's Office (ICO), the Government has confirmed that the UK’s decision to leave the EU will not affect the coming into force of GDPR. The European Commission is certain to require continued compliance post-Brexit as part of any trading UK-EU agreement. This is particularly the case as the regulation already applies to non-EU countries so the UK will have to agree to maintain compliance if UK companies are to continue to trade data with organisations in the EU27.
The ICO has noted that organisations in the UK which have complied with the requirements of the Data Protection Act 1998 (DPA) will be in a good position to meet their obligations under GDPR. However, as this topic makes clear, there are several new elements and significant enhancements which require a more coherent and focused approach to data protection.
Key points you need to know on this topic.
Detailed information on all matters in this topic.