Close

January 4, 2021

Data Protection – Hot off the press for all those registered with the ICO

Everyone will be aware that at 11pm on 31 December 2020 the transition period for the UK leaving the EU ended. However, at the end of December, organisations may have missed the Government’s announcement about the decision as to whether the UK will be viewed as an ‘adequate country’ for the flow of personal data from the EU. A ‘bridging mechanism’ has been put into place extending this adequacy decision from the 1 January 2021 to no later than the end of June 2021.  This news is particularly helpful for those who are a processor for an EEA customer or process employee information from an EEA subsidiary. Nevertheless, despite the extension, the ICO continues to advise organisations that receive data from the EEA to ensure that alternative transfer mechanisms are in place to allow the free flow of personal data from the EU to UK.

Regardless of this extension there are key actions that organisations need to enact now including:

  1. Update your privacy policy / notices to reflect the correct legislation and wording around the transfer of data outside of the EU
  2. Review your records of processing activity (information audits) to ensure they are up to date
  3. Decide if you need to deal with more than one Supervisory Authority such as the Information Commissioner’s Office (ICO) for the UK
  4. Understand and determine whether you legally require an European Economic Area (EEA) or/and an UK representative (please note this is not the same as your Data Protection Officer)

If you wish to learn more about the information above and ensure you continue to be data protection compliant, register for our GDPR Refresher & Brexit Update –  Interactive Webinar delivered by Stephanie Harper, FCIPD, GDPR Practitioner on Thursday 28th January 2021 10:30am to noon. To allow effective discussion please note places are limited and early booking advisable. Further details can be found here.

This webinar is an update and attendees are expected to have a basic data protection legislation knowledge (such as attending the previous Navigator GDPR roadshow).  If you require a more detailed basic overview or are looking for a refresher webinar for your employees (required every 2 years) please contact Ruth Gladwell.

January 4, 2021

STAY INFORMED:

SIGN UP TO OUR NEWSLETTER

Stay informed with the latest changes in employment law, noteworthy cases, upcoming events and other useful articles.

We need your consent in order to provide this service. This means you have the right to withdraw your consent at any time. To withdraw your consent please email us at enquiries@navigatorlaw.co.uk or call us +44(0)3332400308. For more information about what we do with personal data see our privacy notice.

“We are delighted to have received endorsement from our auditors that we fall within the top 5 to 10% of data compliant organisations. We are grateful for the knowledgeable and practical input from Navigator to help us on this journey in terms of key documentation review and, assistance with our Data Protection Impact Assessment process.”

Paul Hayllor
Head of Digital and Information Services

Testimonial – Independent Living Fund Scotland (ILFS)

READ MORE CLIENT TESTIMONIALS