Businesses who share personal data with organisations in the European Economic Area (EEA) will need to ensure that they continue to comply with data protection laws should the UK leave the EU without a deal.
The Government has published the advice as part of a series of guides to help businesses prepare should the UK leave the single market in March with no trading agreement in place.
According to its latest report, published in cooperation with the Information Commissioner’s Office (ICO), transfers of personal data from the EEA to the UK will become restricted once the UK has left the EU.
Personal data, as defined by the regulator, refers to information that can be used to identify a living individual, for example, their name, address, working hours or payroll details.
Explaining what steps organisations need to take, the reports reads: “The UK does not intend to impose additional requirements on transfers of personal data from the UK to the EEA, therefore, organisations will be able to send personal data to organisations in the EEA as they do currently.
“However, transfers of personal data from the EEA to the UK will become restricted once the UK has left the EU.”
The regulator advises that UK organisations should consider, with their EEA partners, what changes they may need to take to ensure that “personal data can continue to flow after the exit date”.
To aid businesses in this process, ICO has published a six-step checklist covering the major changes you need to be aware of.
For urgent help and advice trading with the EU or any other country after Brexit, please do not hesitate to get in touch.