As we prepare for Brexit and its impacts, UK businesses or organisations that receive personal data from the EU or EEA must now understand what they need to do to ensure that the data can continue to flow lawfully as we transition to our new relationship with the EU in January 2021.
Personal data is any information that can be used to identify a living person. This type of information is regularly used in the daily running of most businesses and organisations, and can be anything from names and addresses, to payroll data. An example of a personal data transfer you may receive from an EU partner is if your company receives customer information from an EU company, such as names and addresses. Many companies also manage their HR data, such as staff working hours and payroll details via partners in the EU.
Time is running out and UK businesses are getting ready for new rules with Europe. UK businesses that do not make the necessary changes put themselves at risk.
Key Messages
- If you’re a business or organisation that receives personal data from the EU/EEA, you must check if you need to take action on data protection to ensure data can flow lawfully from January 1st 2021.
- Visit GOV.UK to find out how you can lawfully continue to receive personal data such as names, addresses or payroll details from organisations in the EU or EEA from January 2021.
- Sign up to the Information Commissioner Office (ICO) newsletter for up-to-date information on steps you can take to ensure that personal data you receive from the EU/EEA can flow lawfully from January 2021.
- There may be additional steps you need to take to help your business or organisation prepare for January 2021. Check this today by visiting GOV.UK/transition
Check the guidance. Make the changes. Time is running out.