Business Planning

Brexit data checklist: An SME guide to managing data after transition

Praseeda Nair | 22 December 2020 | 3 years ago

The Information Commissioner (ICO) is calling on the UK’s businesses to check whether they are impacted by data protection law before the end of the UK’s transition period with the EU on 31 December.

Businesses and organisations that are affected need to take steps to ensure that data can continue to flow from the EU lawfully from 1 January.

The ICO is urging businesses to visit its website – ico.org.uk/keepdataflowing – to view guidance and resources on the actions they may need to take if they use personal data.

Research indicates that sharing personal data is essential to running the majority of SMEs. Any businesses receiving data from organisations in the EU or European Economic Area? (EEA) must take action to ensure the flow of data doesnt stop.

Personal data is classed as anything that relates to an identifiable individual and can relate to information about both customers and staff. HR records, customer details, payroll information and information collected through cloud services are all forms of personal data and could be affected.

Businesses are advised to continue complying with the Data Protection Act 2018 and General Data Protection Regulation (GDPR) and to prepare by understanding where the personal data they use comes from.

For most businesses and organisations, Standard Contractual Clauses (SCCs) are the best way to keep data flowing on EU-approved terms. The ICO website hosts an SCC Interactive Guidance tool to assist SMEs.

Businesses should also review their privacy information and any documentation to identify changes that need to be made at the end of the transition period.

As part of the negotiations, the EU is yet to make a decision as to whether it accepts that the UK’s data protection regime is still adequate. An adequacy decision is still possible but the timing is unclear.

we appreciate there is a lot of pressure on businesses right now, especially given the impact of the pandemic. However, ‘sharing personal data is essential to the running of many businesses and it is vital you take action to ensure that data can continue to flow, “elizabeth Denham, Information Commissioner, said.

as we don’t know what the outcome will be from the EU, there is an even bigger need for businesses to prepare now.”

the ICO appreciates data protection can seem daunting to SMEs, which is why we have created a specific suite of products to help small businesses prepare. I encourage people to visit the ICO’s website to understand what steps they need to take and to keep up-to-date.

SME Data Checklist

At the end of the UK’s EU exit transition period, there may be changes to personal data protection rules that could impact many UK businesses.

If your business falls into one of these categories, it is important to take steps before the end of the transition period:

  • UK-based business or organisation that receives personal data from contacts in the EEA
  • UK-based business or organisation with a European presence or customers

Checklist

1. Take stock of the personal data you hold and map your data flows.You should establish if you are receiving personal data from the EU/EEA.

2. Put Alternative Transfer Mechanisms in place (most likely Standard Contractual Clauses).For most businesses and organisationsreceiving data from the EU/EEA, these are the best way to keep data flowing to the UK. To help navigate’standard Contractual Clauses, the ICO offers an?SCC Interactive Guidance Toolto take you through the process.

3. Appoint a suitable representative in the EU/EEA.thismay beapplicable if your business is only based in the UK but offers goods or services to, or monitors the behaviour of, individuals in theeU/EEA.

4. Keep up to date. Information can change rapidly so stay informed.

The ICO’s website has?guidance, checklists and toolkits to help SMEs understand what they need to do to keep data flowing.

Related Topics

How Businesses Can Save on Their Energy Costs This Winter
28 September 2023

How Businesses Can Save on Their Energy Costs This Winter

Read More →
The Importance of Data Analytics in Making Informed Business Decisions
14 September 2023

The Importance of Data Analytics in Making Informed Business Decisions

Read More →
How to Write a Business Plan That Investors Will Love
13 September 2023

How to Write a Business Plan That Investors Will Love

Read More →
Performance Appraisals Reimagined, How to Modernise Your HR Reviews
4 September 2023

Performance Appraisals Reimagined, How to Modernise Your HR Reviews

Read More →
Embracing Sustainability: Eco-Friendly Practices for Businesses
1 September 2023

Embracing Sustainability: Eco-Friendly Practices for Businesses

Read More →
Eco-Friendly Sustainable Business Practices
8 August 2023

Eco-Friendly Sustainable Business Practices

Read More →

If you enjoy reading our articles,
why not sign up for our newsletter?

We commit to just delivering high-quality material that is specially crafted for our audience.

Join Our Newsletter