As we know, the UK voted to leave the EU on 23rd June 2016.
The UK is required to serve notice under Article 50 of the Lisbon Treaty and this carries a two year notice period.
The General Data Protection Regulation is due to be implemented in less than two years – 25th May 2018. GDPR applies not just to organisations established within the EU but to any organisation which processes the data of EU citizens. Or an organisation which offers goods and services to EU members. It also serves to monitor online behaviour.
Even standing outside the EU, the long arm of GDPR will apply to any UK organisation handling the data of EU citizens. The UK will need to prove ‘adequacy’ for data protection.
Countries globally are preparing now for GPDR.
For full details of the 12 steps your organisation is guided to take to prepare for GPDR, Amicus ITS invites you to read the ICOs PDF white paper “Preparing for the General Data Protection Regulation (GDPR) attached here: ico-preparing-for-the-gdpr-12-steps
I strongly recommend all organisations to be actively researching what they need to do to comply with GDPR, as once released it automatically becomes law in all EU Member states.