In the brink of the Brexit vote we have been asked by a number of clients how this impacts the introduction of the General Data Protection Regulation (GDPR) which was scheduled to automatically come into force on 25 May 2018.
Our advice remains to continue to prepare for the coming GDRP although many clients will wish to “soft peddle” for the time being. Whatever happens few organisations will go far wrong by ensuring that they have a proper understanding of the HR data that they process and have appropriate security measures in place. To learn more about the practical steps required to implement the GDPR click here.
Finally, in recent days the European Commission has formally approved the so called “Privacy Shield” for transfers from 1 August 2016. This is a self-certification scheme for US companies which, effectively, allows them to share EU derived data by “opting in” to EU data protection law. It replaces the Safe Harbor which was invalided by the ECJ back in October 2015. As most large corporations have already entered into “model agreements” there will be no reason for most clients to do anything. It does however provide another means of legitimising transfers. To learn more about cross border data flows click here.