February 24, 2021

Breaking News | Europe Set to Certify UK Data Protection Provisions

The European Commission has just published its preliminary ‘adequacy’ decision about data protection. It expects to confirm that UK data protection law is regarded as equivalent to the EU’s own (GDPR).

This is really good news and will be a major milestone for any organisation with clients in the EU or EEA area. It’s equally important for organisations who have their HQ or other operations based there.

As part of the Brexit withdrawal agreement, interim provisions are currently in place. They are due to expire in a couple of months. There was a risk that EU/UK organisations would then lose the equivalent status they currently enjoy. All personal data processed between the EU and UK would potentially have to go through a tedious and bureaucratic endorsement process.

For its part, the UK has already confirmed that it continues to regard EU data protection law as equivalent. This is unsurprising as the UK was, of course, a constituent of the EU when the General Data Protection Regulation was introduced throughout Europe in 2018.

Because the UK introduced its own ‘UK GDPR’ legislation in January, there was a risk the EU may determine it was not of equivalent status. However, the European Commission has now confirmed it believes UK provisions meet its ‘adequacy’ test.

Their media release states:

“Over the past months, the Commission has carefully assessed the UK’s law and practice on personal data protection, including the rules on access to data by public authorities. It concludes that the UK ensures an essentially equivalent level of protection to the one guaranteed under the General Data Protection Regulation (GDPR) and, for the first time, under the Law Enforcement Directive (LED).”

Please note that this is, however, simply a recommendation at this stage. The matter will now be considered in detail by the European Data Protection Board as well as representatives of the EU member states. Hopefully, and expectedly, the Commission’s opinions will be confirmed.

As Elizabeth Denham, the UK Information Commissioner, recently stated:

“The draft adequacy decisions are an important milestone in securing continued frictionless data transfers from the EU to the UK.”

It brings us a step closer to the continuation of ‘business as usual’ as far as processing personal data between the rest of Europe and the UK is concerned.

We will continue to update this news story as this important matter progresses.

Share this article

About the author

Mike Fitzsimmons

About the author

Mike Fitzsimmons

Mike is a Senior HR Consultant within the Moorepay Policy Team. He is responsible for the developing of employment documentation and is an Employment law advisor. With over 30 years of senior management and HR experience, Mike has managed teams of between 30 and 100 employees and is familiar with all the issues that employing people brings. He has also served as a non-executive director on the Boards of several social enterprises and undertook a five year tour of duty as Executive Chair of a £30+ million annual turnover Government agency.

Related Posts

5 things your payroll provider SHOULD be doing to add value to your business
Five things your payroll provider SHOULD be doing to add value to your business

Gone are the days when a payroll provider simply hits ‘pay’ and your employees jump…

View Post
five reasons hr team are time poor
Five reasons your HR team are time poor – and how to fix it!

Feel like your HR department are always chasing down the clock? Overstretched and needing more…

View Post
How to measure the true value of your outsourced payroll service
How to measure the true value of your outsourced payroll service

According to research from YouGov 70% of organisation outsource part of their business to external…

View Post

Making payroll & HR easy