Don't sweat Brexit, big biz told: Your shiny data protection sticker will remain intact

Survey reveals GDPR training and investment is on the rise

Multinationals whose data protection compliance was rubberstamped by the UK's privacy regulator have been assured they won't be stripped of the authorisation after Brexit.

Firms that wish to move personal data out of the European Economic Area have to demonstrate that they abide by EU data protection rules.

They can do this by setting binding corporate rules (BCRs) on data protection safeguards and having them approved by an EU data protection authority.

According to the European Commission, the UK's Information Commissioner's Office has approved about a quarter of all BCRs to date, and there was some concern about their continued status after the UK leaves the bloc.

However, deputy commissioner James Dipple-Johnstone has now confirmed that "no BCR authorisation will be cancelled because of Brexit".

He said in a blogpost that the ICO would "continue to work together with other European data protection authorities for international transfers to be achieved".

But, with the incoming General Data Protection Regulation, effective in May 2018, organisations with existing approvals will need to make sure they are compliant with the new rules.

In addition, new applicants have been told to ensure their BCRs align with GDPR. Those already in the system may be contacted to ask them to update their submission.

Dipple-Johnstone also said that the group was working on its backlog "as quickly as we can", adding that the ICO was making changes to improve its service, including bringing on more staff, to ensure the "timeliness of application processing".

Meanwhile, an assessment of privacy governance by the International Association of Privacy Professionals and EY has found increased awareness – and spending – on GDPR as the date draws ever closer.

According to the survey (PDF) of privacy professionals, some 63 per cent of organisations are stumping up for training, compared with 50 per cent last year. They also plan to spend a mean $5m adapting products and services for GDPR.

However, the report said that just 40 per cent of organisations felt they would be fully compliant when GDPR comes into effect on May 25. ?


Biting the hand that feeds IT ? 1998–2017

                                    1. 621831382 2018-02-23
                                    2. 92331381 2018-02-23
                                    3. 5326071380 2018-02-23
                                    4. 4019031379 2018-02-23
                                    5. 8895891378 2018-02-23
                                    6. 9775451377 2018-02-23
                                    7. 298541376 2018-02-23
                                    8. 513211375 2018-02-23
                                    9. 2105531374 2018-02-23
                                    10. 4906741373 2018-02-23
                                    11. 567831372 2018-02-23
                                    12. 5043271371 2018-02-23
                                    13. 2028341370 2018-02-23
                                    14. 3654301369 2018-02-23
                                    15. 2905181368 2018-02-23
                                    16. 5929231367 2018-02-23
                                    17. 7852051366 2018-02-23
                                    18. 3874991365 2018-02-23
                                    19. 9394591364 2018-02-22
                                    20. 3676521363 2018-02-22