Thursday 23rd June 2016 marked a significant day for the UK. As the majority of the public voted to leave the European Union, there has been a lot of uncertainty around the future of the UK and the direction we would be taking following the EU referendum.
With the ongoing political turmoil in the UK, it could be months or years before the British government invokes Article 50, should they decide to do so, followed by a further two years of negotiations.
This uncertainty over the future direction of the UK has the potential to cause paralysis with regards to the strategic planning within certain facets of organisations, particularly those that require long-term investments, such as those within the IT sector.
One aspect that has, and will continue, to be heavily impacted by Brexit, is that of data protection and data sovereignty legislation. With the adoption of online data backup and other cloud technologies becoming more commonplace, the UK government’s stance on data sovereignty will play a key role in the decision making of IT leaders.
Does the UK still need to comply with the EU’s GDPR?
Prior to the referendum, it was expected that the UK would have to comply with the European General Data Protection Regulation (GDPR), which would come into effect in 2018.
Following the vote on the 23rd June, the UK’s need to comply with this regulation is now left unclear. The country may decide to implement their own data protection laws, or may still choose to adopt the GDPR. Either way, organisations will need to consider this when deciding which cloud service providers to partner with.
With no clarity at this stage as to which direction the UK will go, organisations should bear in mind that if the UK as a whole wishes to work with the EU single market on an equal footing, then the UK will require data protection legislation that offers equivalent protection to that of the EU. On this basis, it’s safe to assume that UK legislation will closely mirror that of the EU’s GDPR.
Choosing who manages your data.
Choosing the right data manager to manage your data minimises the level of stress felt by your organisation. They will be able to assure you of the next steps that you should be taking when it comes to protecting your data, to remain compliant with any regulations that come into effect.
An assuring indication that a data manager takes procedures and security seriously will be if they are ISO 27001 and 9001 certified. There are a growing number of companies who refuse to work with cloud service providers who are not ISO certified. Furthermore, the ISO certifications are evidence of the provider’s attitudes towards the management and security of their platform, meaning you can rest assured you are working with a reputable provider.
In addition, some businesses are already subject to industry legislation which prevents them from storing their data outside of Europe, others are legally obliged to store data within the UK’s borders and for others it doesn’t matter. However, for any business looking to adopt cloud backup, it’s important to understand the location of the provider’s data centre. This is particularly true with the current state of uncertainty amongst business leaders, who remain in the dark on how Brexit will impact data protection.
Understanding data protection and security is an area of IT all by itself. It has arguably become the world’s largest industry in recent years and for good reason; privacy and security attacks are regularly reported within all forms of business. Complying with the various and continuous regulations is no mean feat and tackling security attacks is always a challenge. Toolbox Group are ISO 27001 certified and we manage data for both UK and international clients. If you are interested to learn more, please get in touch with firstname.lastname@example.org