Get data-ready, says ICO

Businesses must be prepared for “all scenarios” ahead of Brexit, the data watchdog has warned.

The words form part of the Information Commissioner’s Office’s (ICO) new guidance urging small and medium-sized enterprises (SMEs) to prepare for the “possibility” that the UK leaves the European Union with no deal.

The data regulator said the guidance, which will help business owners understand their position and what steps they need to take to prepare, will ensure that “data flows” after Brexit.

ICO explains that once the UK leaves the single market, EU legislators must approve third party countries in order to lawfully transfer data to the European Economic Area.

This includes the sharing of customers’, citizens’ and employees’ personal data between EU member states and the UK.

Failure to reach an agreement with the EU, combined with poor internal data practices, may prevent companies from transferring personal data and potentially disrupt trade.

Commenting on the situation, Information Commissioner Elizabeth Denham said: “It’s crucial that organisations make sure they properly prepare for all scenarios. If your organisation sends or receives personal information to countries in the EU, this guidance will help you work out whether you need to take steps now, what you need to do to prepare, and then let you get back to running your business.

“Even if you think your organisation doesn’t transfer data internationally, I’d urge you to read what we’ve produced, and assess whether you need to act.”

Click here to access the guidance.

For help and advice on data protection, please get in touch with our expert team.