We continue to provide our legal services through the COVID-19 pandemic. Please visit our COVID-19 Hub for legal insights, or contact us directly.
Get in Touch Menu

Brexit Q&A: How will Brexit affect data protection for businesses?

08 March 2019

After Brexit, a UK company may find itself subject to both the GDPR and the parallel Applied GDPR regime. Consequently, a data breach might well fall within the competence of both the UK ICO, and one or more EU Regulators.

In addition, EU companies are likely to face increased procedural challenges in terms of reporting data breaches. Currently, UK companies benefit from the “one stop shop” approach, whereby a UK company can rely on the ICO as its Lead Supervisory Authority (LSA) for GDPR matters, whereby the ICO will take the lead in any breach scenario, without the need to engage the other affected authorities directly.

Irrespective of whether we reach a Deal or No Deal Brexit, this one stop shop approach will no longer apply and a company will need to report a data breach separately to each affected EU Supervisory Authority. If you consider that, under GDPR, a company has 72 hours in which to notify a breach, a company needs to be sure that its internal Data Breach Procedures adequately address this issue.

If a deal is reached, then it is anticipated the status quo will continue as far as EU data transfers are concerned until 2020 and it is hoped that this transition period will allow enough time for the UK to obtain an “adequacy” ruling from the European Commission, in order to enable data to be freely transferred between the EU and the UK at the end of  this transition period.

If Britain exits on with no deal that as at 29 March 2018, subject to further guidance being issued in this area, it will no longer be lawful to transfer personal data from the EAA, to the UK, without additional legal protections being put in place. We can help you with this so please contact me if you wish to discuss this further.

If your business needs advice on this subject, please get in touch.

City-trained senior solicitor Kym works in our Legal 500-rated corporate & commercial team. She is a leading sports, media and technology lawyer with over 25 years of commercial experience. She advises clients on a diverse range of commercial agreements to include contracts, new media, technology agreements and GDPR compliance.

We're here to help

Kym Fletcher LLB (Hons) Euro
Consultant, solicitor
View profile
Kym Fletcher
Related services
Share this article
Resources to help

Related articles

Catch up on our free legal webinars


Our legal experts have been busy sharing valuable expertise in their first series of free webinars for employers, and businesses across the county who missed the live events can now…


Fixed price legal advice for SMEs & the Coronavirus Business Interruption Loan Scheme


The Coronavirus Business Interruption Loan Scheme (CBILS) has thrown a much-needed lifeline to businesses experiencing cashflow difficulties as a result of the coronavirus outbreak. 17 December 2020 Today, Rishi Sunak…

Chris Wills LLB (Hons)

Corporate & commercial issues: COVID-19 FAQ


The global outbreak of coronavirus (COVID-19) and the government’s resulting emergency measures have had severe implications for many businesses. Read on for answers to some frequently-asked questions on corporate &…

Contact us