How will data security be affected by a no-deal Brexit?

The UK is expected to leave the EU on 29^th March 2019, and businesses will need to begin their preparations before this date. The Information Commissioner’s Office has outlined six steps that all businesses should take with respect to their data protection in order to prepare for a possible no deal Brexit. The ICO recommends that you:

Continue to adhere to GDPR standards and follow the ICO guidance as normal.

Look at any areas in which you receive data in to the UK from the European Economic Area (EEA). Identify the GDPR safeguards that you could implement to ensure data can continue to flow once we are outside the EU.

Identify anywhere that your company transfers data from the UK to any other country. This transfer will fall under new UK transfer and documentation provisions.

Review your company’s structure as a whole to assess how the UK’s departure from the EU will affect any specific data policies within your business.

Review all privacy information and internal documentation and update accordingly.

Keep the people within your organisation informed of any changes and ensure you keep up to date with any information and guidance as it’s released.

If you are at all concerned about the implications of Brexit on your business then you may wish to consider taking professional advice in regards to reviewing your data flows and obtaining assistance bespoke to the individual needs of your organisation.

What happens with GDPR?

The General Data Protection Regulation is a law which currently covers all member states of the European Union. What this technically means is that after Brexit, it will cease to be the law in the UK. However, the UK government has already stated that they intend to write the GDPR in to UK law with amendments to reflect the changes that come with Brexit. For example, parts of the GDPR refer to the UK as a member state of the EU, so naturally these will be omitted from any new regulation. The government intends for the “UK GDPR” to apply to controllers and processors outside of the UK where their own activities include the data processing of individuals in the UK or the selling of goods and services to those in the UK.

For more information on the implications of a no deal Brexit on data protection, please visit the ICO’s online documentation here.

How will CWCS continue to keep my data secure?

We have, in recent months, been contacted by customers who have concerns about where their data is stored and how secure this is. We would like to alleviate this concern by discussing our own data security arrangements.

CWCS is a secure hosting provider; we have a number of physical and cyber security measures in place. Our ISO 27001:2013 compliant security management is independently audited for your assurance that we will always keep your information secure, intact, and only available to those authorised to access it. Furthermore, ISO 27001 certification is only awarded to organisations that can demonstrate that they protect the confidentiality, integrity and availability of the information within their organisation. CWCS has the strictest security measures in place, and where possible we endeavour to go beyond our ISO 27001 standard to really enforce the security and safety of our hosting.

In other words, our commitment to safe and secure hosting goes far beyond our certifications. The security of our data centres and offices and everything in them is critical to the success of our business. Your data is housed in the UK in our privately owned data centres, which continually evolve to ensure we provide the highest levels of data security at all times.

As well as the high standard of security that we keep as standard at CWCS, we are also able to discuss any additional measures and solutions bespoke to your own organisation’s security needs. If you would like to discuss the potential options available to you, please get in touch.