What should British business consider if they currently store their data in the EU?
In the UK, organisations are currently required to adhere to the Data Protection Act as well as European legislation for protection of personal data. But how will this change with the upcoming ‘Brexit’ and what do businesses need to know moving forward?
The EU General Data Protection Regulation (GDPR) is an updated data protection legislation which is scheduled to go into effect in Europe in May 2018. It will take two years to leave the EU once Article 50 has been triggered, formally announcing the UK’s departure from the EU, so the UK will still technically be a part of the EU in May 2018. This has left some doubt over the future of certain European-based data protection laws in the UK.
However, following the referendum vote, the Information Commissioner’s Office (ICO) announced its intent to continue implementing the guidelines outlined in the GDPR. They have also released a guide outlining 12 steps organisations should take now to prepare for these regulations.
Data protection guidelines
Data protection is highly important for any organisation that collects personal data, especially customers’ financial and personal identifying details.
Aside from complying with laws, companies that lose customers’ data, or from whom it is stolen, face significant reputational damage, such as that experienced by Sony in 2011.
In order to comply with data protection regulations, businesses should develop and follow organisational policies in order to ensure data is used lawfully, kept safe and secure and handled according to people’s data protection rights.
When looking toward a strategy for data protection that will be effective now, as well as after the UK leaves the EU, organisations should plan on adhering to the GDPR regulations. This is especially true if your business still hopes to trade with the EU.
In brief, the new GDPR guidelines include recommendations for:
- Documentation of personal data storage
- Procedures for preventing or detecting data breaches
- Assigning dedicated staff members to be responsible for a company’s data
You can view the GDPR guidelines in full on the ICO website.
Data storage recommendations
Only about 27 per cent of UK businesses currently store their data in Britain, according to a June 2016 survey. However, 92 per cent surveyed thought it was important that data is stored, accessed and backed up in the UK.
There are numerous benefits to storing data nationally or even locally. One primary reason to store data in the UK is that it will ensure your organisation’s data storage procedures are in line with government regulations.
If you currently utilise a European data storage centre outside the UK, the David Allen IT experts highly recommend relocating to a data centre in the UK. This guarantees that the data is secure in line with any future variations to UK data protection law, and your organisation is safeguarded against penalty fees or data losses.
David Allen IT Solutions can help to store your data securely as well as providing methods for your organisation to ensure your critical data is protected.
We have a secure data centre, based in Carlisle, which means that all of your valuable company information, documents and customer data are backed up to the highest degree, monitored 24/7 and protected against natural disaster or cyber-attack.
Organisations can also rely on us to advise on the most secure methods to protect data, including development of organisational policies, antivirus software, device encryption, antispam filters and more.
Contact our IT solutions team to develop a data storage policy for your organisation, request a free consultation or learn about the benefits of storing corporate data in our secure data centre.