Rob Masson, CEO at the DPO Centre, said “Data, and its freedom to cross borders between the EU and the UK has remained a critical issue post-Brexit.
The European CommissionOne of the core institutions of the European Union, responsible for lawmaking, policymaking and monitoring compliance with EU law. publishing draft rules that they will allow ‘data adequacy’ will come as a welcome relief to the thousands of companies, particularly those in banking and healthcare, who would otherwise have had to implement onerous additional transferThe movement of data from one place to another. This could be, for example, from one data controller to another, or from one jurisdiction to another. safeguardsWhen transferring personal data to a third country, organisations must put in place appropriate safeguards to ensure the protection of personal data. Organisations should ensure that data subjects' rights will be respected and that the data subject has access to redress if they don't, and that the GDPR principles will be adhered to whilst the personal data is in the.... The decision is still to be scrutinised by the European Data Protection Board (EDPB), and then approved by representatives of the EU member states before it is formally adopted, however the draft decision is a positive sign that progress has been made whilst the clock has been ticking towards the end of the bridging period following Brexit. It should be noted however, that gaining Adequacy has not removed the requirement to appoint a Representative. The UK is now a “3rd country” so Article 27 GDPR still applies.
The UK government has rightly said the data economy is integral to the UK’s growth and future prosperity. Going forwards, the UK has an opportunity to create a strong data infrastructure; with a high level of regulatory compliance, along with developing a data-literate workforce, and increasing the number of people with advanced data skills.”