Brexit is Brexit - But What About EUGDPR?
The UK Prime Minister now famously said ‘Brexit is Brexit’, but what does this mean for the UK businesses implementing the EU General Data Protection Regulation (EUGDPR)? A new legislation, replacing the UK’s Data Protection Act, will give citizens more rights over their personal data, and comply with the EU data protection, even after Brexit. This is good news for the free flow of data between the UK and the EU.
It is not only about ticking the compliance box, but making more of the fact that you are using an identity and access management solutionVeronika Westerlund Global Vice President, Channels and Alliances
From coverage of security, risk, compliance and efficiency, to supporting how an organization works as a business and their trustworthiness profile, this is what provides the business benefitVeronika Westerlund Global Vice President, Channels and Alliances
August 2017: If you are an organization or an individual based in the UK, you may have wondered what Brexit, the commonly known term for the UK leaving the EU, means for you in terms of data compliance. A new legislation, expected in September and thought to become law in early 2018, is the result of the UK government’s commitment to update and strengthen its data protection laws as well as bringing the UK’s data protection law into line with the upcoming EUGDPR.
Increased business values
When the UK leaves the EU, it will become defined as a so-called ‘third country’ in terms of EUGDPR. This means it will have to have adequate domestic data protection to enable the free flow of data between the UK and the EU. The UK government is therefore amending the current data protection act to comply with the EU, to enable data to flow freely across borders, also when Brexit becomes a full reality. But as Brexit could take several years and the EUGDPR takes effect from 25 May 2018, there could well be some time when UK organizations need to comply with the EU.
“For organizations based in the UK, working with the EU, this means increased business values at the end of the day. Customers and users will see the organizations as more attractive and trustable, which adds to the business value,” says Veronika Westerlund, Global Vice President, Channels and Alliances, Omada.
Omada’s identity platform can help organizations get ready for EUGDPR, whether they are based in the EU, the UK or anywhere else in the world. But it can also do so much more.
“It is not only about ticking the compliance box, but making more of the fact that you are using an identity and access management solution. From coverage of security, risk, compliance and efficiency, to supporting how an organization works as a business and their trustworthiness profile, this is what provides the business benefit,” Veronika says. She notes that compliance and trustworthiness are especially relevant for companies today, also for their cooperation, for example in the Middle East region, where banks often start compliance projects as other global banks and organizations require them to prove they have control of their accesses in order for them to conduct business together.
Get ready for EUGDPR compliance
Omada can help your organization get ready for EUGDPR, whether you are based in the UK, in the EU or anywhere else in the world, helping you not just get secure and compliant, but also improve your organization’s effectiveness.
Read about the Omada solution here and contact us if you are interested in learning more.
The right to be forgotten: The new UK legislation
The new legislation UK will be tougher than the current data protection act, enforcing the ‘right to be forgotten’ across multi platforms. Consumers will be able to ask social media platforms to delete posts from their childhood, ask online traders to delete their personal data and organizations will no longer be able to get a limitless use of personal data through people just clicking default so-called tick boxes online.
The definition of personal data will be expanded in scope to include IP addresses and cookies, among others and consumers will in general be granted more power over their own data. The legislation will, for example, require social media platforms to delete information about children and adults when asked and UK data protection regulator the Information Commissioner’s Office (ICO) will be given increased power to protect consumers and issue larger fines, of up to £17 m or 4% of a company’s global turnover, also in line with how the EUGDPR will work, and the role of the Data Protection Officer will be enforced for companies of a certain size.