Cutting our ties to Europe and its red tape

In the turmoil over the Covid-19 pandemic, we may have forgotten that we’re in the process of leaving the EU and therefore its data protection jurisdiction. Jane Braithwaite and Karen Heaton outline what it means for your practice.

Significant changes to the business environment are often outside the control of medical practice owners, and always involve some work for busy medical practice staff.  

In our concluding article of the series, we are looking at what medical practices need to be thinking about as the UK exits the transition period in December 2020.

For changes involving the processing of personal data, those medical practices who have invested in bringing their operations in line with the EU’s General Data Protection (GDPR) regulations and have embedded a data privacy and security culture within their organisations will be in a position to respond faster and more efficiently to changes outside their control, such as Brexit. 

The UK left the EU on 31 January 2020 and is now operating under the terms of the Withdrawal Agreement between the UK and the EU. This agreement runs until 31 December 2020.  

Unless there is an extension to the Withdrawal Agreement, the UK will either leave with or without a future deal between the UK and the EU.  

Will there be a deal?

As everyone knows, the negotiations on what the future relationship between the UK and the EU will look like were put underway before the pandemic. It may be some time before businesses understand what that relationship will be and what it might mean for data protection.

At Data Protection 4 Business, we believe that the preparation and analysis for most scenarios regarding data protection remains the same. Therefore, we are going to discuss the pragmatic steps your practice can take now without waiting for the final decisions at the end of the year. 

Our main scenario for the purpose of this article, is as follows: