Originally written by Ian Osborne on Small Business
Whatever side of the Brexit debate you sit on, it is becoming increasingly likely that the UK will no longer be part of the EU from the end of October.
This presents an array of challenges – and arguably opportunities – for small and medium-sized enterprises (SMEs).
However, one key aspect that business leaders must be aware of is GDPR and Brexit and how leaving the EU will affect their operations in terms of data security.
See also: GDPR one year on: what fines have been issued so far?
What the government says you should do
Guidance from the Information Commissioner’s Office (ICO) has confirmed that whether we leave with EU with or without a deal, most of the data protection rules affecting SMEs will remain the same.
The good news is that UK businesses that comply with GDPR and have no contacts or customers in the EEA (the EEA is the EU plus Iceland, Norway and Liechtenstein) don’t need to do much more to prepare for data protection after Brexit.
What if you receive data from Europe?
However, UK businesses that receive personal data from contacts within the EEA must take additional steps to ensure they are fully compliant after