The ICO (Information Commissioner’s Office) has indicated that amid the uncertainty of Brexit, the UK Government is committed to absorbing the principles of GDPR into its own law at the point of exit. There should therefore not be any substantial changes for companies should Britain leave the EU on Friday 29 March this year.
A ‘no-deal’ Brexit can, however, impact companies that rely on transferring personal data between Europe and the UK.
Up to now, information was able to flow freely without special measures, since GDPR sets out the set of rules that both the UK and Europe agreed to. This process will be affected if the UK leaves without a withdrawal agreement that makes provision for the flow of personal data.
To help businesses prepare for data protection compliance if the UK leaves the EU without a deal, the ICO has created a practical six-step guide.
It seems that Brexit could bring another layer of complexity to businesses that deal with the UK and Europe’s citizens. But one thing is clear; the principles of GDPR are here to stay (whether the UK gives it a new name or not). As a business running SAP, your safest option is to continue with your data protection work to make sure you comply with the regulation.