GDPR in its full scope is not that simple, and it touches a very broad range of roles, at various levels, in any organisation. Marketing, legal, finance, compliance, audit, IT, security, training, as well as the board of directors, all own a part of the GDPR. It is a game-changer. The penalties for a breach will move from hundreds of thousands to millions of pounds, dollars or euros.
Other than this short section, we will not try to make the case for GDPR; there are thousands of web pages already doing that and warning of the dire consequences of non-compliance.
Unfortunately, most of them focus on Europe and those trading in Europe and make no comment on the domestic UK impact.
To understand the domestic impact we also need to take a look at proposals for the UK’s New Data Protection Bill announced in the Queen’s Speech on 21st June 2017.
Implications of the UK’s New Data Protection Bill
Even if GDPR itself is no longer required for companies hosting UK-only data, many companies will have customers, suppliers or contractors within the EU. All EU customer data will have to be held in a way that complies with GDPR.
So companies will ultimately have two choices:
For many companies, the second option might be perceived as a way to cut costs.
However, the UK Government will introduce regulations with provisions similar or identical to those of the GDPR, applied in the UK.
So BREXIT will not help you!