Data protection is still ‘business as usual’ for Bedford businesses after Queen’s speech

Data Privacy

A notable inclusion in the Queen’s Speech earlier this month was the proposed UK Data Reform Bill – the “Brexit Dividend” as the Government has labelled it.

The Government claim this Data Reform Bill will reform the UK’s data protection regime, freeing it up from the GDPR which has challenged many organisations since 25th May 2018.

But is the Data Reform Bill really going to release the UK from the GDPR?

At this time, nobody really knows what the UK’s data protection laws will look like off the back of this Bill but there are warning signs as to the implications of this path.

The Data Reform Bill contains modifications to the Human Rights Act. If these modifications are passed, then the Adequacy decision awarded by the EU during Brexit which allows the free flow of personal data to and from the UK may be revoked.

This was one of the original risks of a no-deal Brexit and will be costly to UK businesses in many ways.

Imagine having to re-draft all your contracts with specific clauses just to send or receive personal data from the EU or the transfer will be unlawful.

Some EU companies may be unwilling to work with UK companies until these clauses are in place.

Businesses reliant on trade from the EU, or with its supply chain there will still need to comply with the EU GDPR.

As a business, do you continue to comply with the GDPR as the recognised global standard, or double your compliance workload and split your efforts between the UK and EU legislation?

The Information Commissioners Office (ICO) would become more reportable and accountable to Parliament, with Parliament able to over-rule their decisions – this would compromise the independence of the regulator and could make rulings for data breaches harder to implement.

If the Consultation White Paper published by the Government in September 2021 is anything to go by, then data protection may take on a more “risk-based” approach based on the size of your business and the type or amount of personal data you process, rather than the one-size-fits-all in place now.

This could be a positive move in removing some of the compliance burdens from small companies or lead to even more uncertainty with companies unsure of which category they fall into and – and having to justify their compliance position when challenged by external parties.

In reality, the only businesses that are likely to truly benefit from any changes are micro-businesses whose entire operation is UK-based.

If you’re not one of these businesses, then our recommendation is its business as usual – the GDPR remains the global standard in data protection and is here to stay.

Andy Chesterman, Director, Privacy Helper
Advertising feature with Privacy Helper

Now more than ever, we need your help to fund the Bedford Independent’s quality journalism that serves our community...

We choose to champion editorial independence, meaning we report the facts without bias and can stand up to those in power when we believe it’s needed.

We can give a voice to people in our community whose voices may otherwise not be heard. And we don’t have a paywall, so everyone can read the stories we publish for free.

But in this time of crisis, many news organisations all over the world are facing existential threat, with advertising revenues plummeting. We’re no different.

We work hard every day to bring you news, commentary, entertainment and announcements from across Bedford. We hope that, with your help, we’ll be able to continue this for many years to come.

Will you help sustain our work today by clicking below ? Even a small donation makes a difference for our future.

Thank you for your support.