Back
We continue to provide our legal services through the COVID-19 lockdown. Please visit our COVID-19 Hub for legal insights, or contact us directly.
Get in Touch Menu

Brexit Q&A: How will Brexit affect data protection for businesses?

08 March 2019

After Brexit, a UK company may find itself subject to both the GDPR and the parallel Applied GDPR regime. Consequently, a data breach might well fall within the competence of both the UK ICO, and one or more EU Regulators.

In addition, EU companies are likely to face increased procedural challenges in terms of reporting data breaches. Currently, UK companies benefit from the “one stop shop” approach, whereby a UK company can rely on the ICO as its Lead Supervisory Authority (LSA) for GDPR matters, whereby the ICO will take the lead in any breach scenario, without the need to engage the other affected authorities directly.

Irrespective of whether we reach a Deal or No Deal Brexit, this one stop shop approach will no longer apply and a company will need to report a data breach separately to each affected EU Supervisory Authority. If you consider that, under GDPR, a company has 72 hours in which to notify a breach, a company needs to be sure that its internal Data Breach Procedures adequately address this issue.

If a deal is reached, then it is anticipated the status quo will continue as far as EU data transfers are concerned until 2020 and it is hoped that this transition period will allow enough time for the UK to obtain an “adequacy” ruling from the European Commission, in order to enable data to be freely transferred between the EU and the UK at the end of  this transition period.

If Britain exits on with no deal that as at 29 March 2018, subject to further guidance being issued in this area, it will no longer be lawful to transfer personal data from the EAA, to the UK, without additional legal protections being put in place. We can help you with this so please contact me if you wish to discuss this further.

If your business needs advice on this subject, please get in touch.

City-trained senior solicitor Kym works in our Legal 500-rated corporate & commercial team. She is a leading sports, media and technology lawyer with over 25 years of commercial experience. She advises clients on a diverse range of commercial agreements to include contracts, new media, technology agreements and GDPR compliance.

We're here to help

Contact
Kym Fletcher LLB (Hons) Euro
Consultant, solicitor
View profile
Kym Fletcher
Related services
Share this article
Resources to help

Related articles

Corporate & commercial issues: COVID-19 FAQ

Corporate

The global outbreak of coronavirus (COVID-19) and the government’s resulting emergency measures have had severe implications for many businesses. Read on for answers to some frequently-asked questions on corporate &…

Sophie Martyn BSc (Hons)
Associate, solicitor

Fixed price legal advice for SMEs & the Coronavirus Business Interruption Loan Scheme

Corporate

The Coronavirus Business Interruption Loan Scheme (CBILS) has thrown a much-needed lifeline to businesses experiencing cashflow difficulties as a result of the coronavirus outbreak. The eligibility criteria of CBILS was…

Chris Wills LLB (Hons)
Partner

Commercial contracts & coronavirus: What are the implications?

Commercial

As the coronavirus (COVID-19) pandemic develops, we have seen significant disruption to businesses across multiple sectors in the UK. Understandably, this has led to widespread concern about the implications for…

Sophie Martyn BSc (Hons)
Associate, solicitor
Contact us