Expert Advice Community

Guest

Conversion to UK version of GDPR

  Quote
Guest
Guest user Created:   Sep 24, 2021 Last commented:   Oct 06, 2021

Conversion to UK version of GDPR

I work for ***. Several years ago I purchased your organization's EU GDPR toolkit and used it to assist in preparing my organization for GDPR. As we are a UK firm, in a post-Brexit world we do fall under the UK data protection legislation. I am wondering if you have a similar package related to the UK law. That being said, I recognize the two laws (EU and UK) are quite similar, so perhaps your advice would be to use the same policies and procedures, but to simply reference the UK law in place of the EU law. Please let me know your thoughts when you get a chance.  
0 1

Assign topic to the user

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Alessandra Nisticò Sep 30, 2021

Yes, UK GDPR is shaped by EU GDPR. You need to assess whether your organization falls under the scope of both regulations or not because both EU GDPR and UK GDPR have extraterritorial applications.

Therefore, if you need to comply with EU GDPR and UK GDPR in the normative section you can add UK GDPR and UK Data Protection Act 2018 as legislative references in the policies and in the documentation, while if you need to comply with UK GDPR you can replace all EU GDPR references with the UK GDPR.

For more information, see:

You can also consider enrolling in this free EU GDPR Foundations Course: https://advisera.com/training/eu-gdpr-foundations-course/

Quote
0 0
Expert
Alessandra Nisticò Oct 06, 2021

Thanks for your response. Would you say that if a policy is already designed to comply with EU GDPR, then simply amending the language to also reference UK GDPR is sufficient? In other words, is the only change required to specify that it’s UK, but no actual substantive changes to the policy are needed?

Yes, that is right. Of course, I suggest you monitor the Information Commissioner Officer (you can subscribe to the newsletter which is good) if any change in the legislation happens. Now, the UK GDPR is mirroring the EU GDPR (it was a condition to benefit from the adequacy decision for data transfer between the UK and the EU), but in the future things may change.

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Sep 24, 2021

Oct 06, 2021

Suggested Topics