The EU General Data Protection Regulation (GDPR) was adopted by the European Parliament on Thursday 14 April signalling the start of a new era for data protection. A historic achievement, the GDPR overhauls the data protection rules across the EU in a manner designed to fit with the demands of the digital world. It strengthens individual rights and also places greater obligations on all those processing data of EU residents including researchers of all types and sizes.
The Regulation will apply directly without having to be implemented by statute and will be enforced by the Information Commissioners Office in early Summer 2018.
Effective implementation cannot take place overnight and with the implementation timetable having been brought forward it is even more critical that your organisation takes steps towards compliance now.
Why is GDPR still relevant?
Now the UK has decided to leave the EU, what impact will this have on organisations and compliance with the pending data protection reforms in the General Data Protection Regulation (GDPR)?
It is important to note that the result won't change anything immediately. It is certain that data protection reforms in the UK will continue to be heavily influenced by EU laws. The UK data protection authority, the Information Commissioner's Office (ICO) has highlighted this and also stressed that the Data Protection Act 1998 remains the law irrespective of the referendum result.
Agreement on the terms and the timing of withdrawal from the union is the next step in the process for exiting the EU. The precise nature of a post-Brexit UK-EU relationship will be a critical influence on how closely the UK will follow the letter and spirit of the rules in the Regulation.
You can find a list of reasons why you still need to prepare for GDPR in spite of Brexit here:
Tel: +44 (0)20 7566 1874