Britain’s exit from the European Union will have drastic knock on effects for businesses up and down the country as we see changes to EU issued legislation. While the process of separating from the EU could take a number of years, it is important to prepare for potential changes, as well as being aware of the EU rules that could still impact us. The General Data Protection Regulation (GDPR) is one of the biggest changes to data protection laws in many years, and despite the fact that Britain will be no longer governed by EU rules, it is still relevant to all UK businesses.
What is the GDPR?
The purpose of the GDPR is to protect privacy and security of all data collected by organisations (large and small) across the European Union. This replaces the Data Protection Directive set up in 1995 and takes into account new methods of data collection and storage, aiming to preserve an important aspect of human rights.
Preparing for GDPR
The GDPR comes into force on the 25th May 2018, however your business should start preparations as soon as possible. To begin, you should review the way your business stores data, and ensure that any data you do collect is used for an explicit purpose, as collecting data for no discernible business purpose will be illegal under GDPR. Your business may need to hire a Data Protection Officer too. A summary of the types of rules being implemented in 2018 can be found here.
How Will Brexit Affect Britain’s Involvement with GDPR?
While Britain will not be directly accountable to the EU with regards to upholding these regulations, British organisations that wish to trade with European companies may still have to comply. What’s more, the British government may put in place similar broad regulations to ensure smooth negotiations with EU member states. The Direct Marketing Association (DMA) has put together a Q&A for marketers, with advice that is relevant for all businesses.
Ant Marketing are looking ahead to GDPR and our Compliance Officer, Holly Fordham, explains how GDPR will affect us and our clients:
“Data management and the DPA already play a huge part in the way we operate as a business and remaining compliant is obviously my number one priority. We are therefore looking ahead to GDPR now with the view to streamline our data collection and retention policy. New access permissions and secure data platforms will be implemented in the near future in line with GDPR regulations and mandatory fields will form the framework for minimising unrequired data. Ant Marketing believes in continual improvement in all aspects of the business and data is not to be excluded. So whilst our data policy is already tightly and continually managed, GDPR will alter the processes we follow”.