One of the big challenges faced by many UK companies is the tricky issue of personal data. As we get closer to the date of 31st December 2020 this becomes even more of a priority.
Even though, the UK has left the European Union (11pm on 31st January 2020), there is a transition period in place until the end of December. And that means organisations can transfer data freely as they did when the UK was an EU member.
But, there is uncertainty about what the future holds. It’s clear that there will be differences in data security requirements between the UK and the EU.
In essence there will be an “event data gap.”
How Big is the Event Data Gap?
In broad terms, whilst UK organisations will be able to send personal data across to the European Union, they may not be able to receive personal data in return. But why not? Simply, because the European country sending the personal data to the UK has to be sure that appropriate security measures are in place to protect it.
Get Over the Gap
Is this is a big issue for organisations? With the complexity of GDPR and the changing political landscape this is not an easy question to answer. It depends on a number of factors.
The UK government has said that transfers of data from the UK to the European Economic Area (EEA) will not be restricted. However, from the end of the transition period, GDPR transfer rules will apply to any data coming from the EEA into the UK.
We can use a simple scenario to illustrate how an event data gap could easily occur. Let’s imagine your UK event agency is producing an event. To deal with the registration of delegates, you have contracted the services of an event registration company (based in the Netherlands). You send the registration company details of the delegates that are due to attend. The registration company is acting as a data processor for you.
But, because they are based in the Netherlands, they do not have to send the processed delegate information back to you. Unless you, (the UK company) can provide the Dutch company with the necessary assurances that you have strict data security protocols in place that meet their requirements. In this example you would need to fully investigate what would be needed by the regulatory authority of the Netherlands. And how to comply with their rules.
You need to consider what data security safeguards you can put in place to ensure that data can continue to flow into the UK. One of the ways you can do that is by adhering to the relevant Data Regulation requirements of the countries involved.
In the UK the relevant authority is the Information Commissioner’s Office (ICO). Check out their website and sign up for their newsletters for the very latest information.
The suggestion is not to wait for the ‘politicians’ magic wand but act now and be ready for changes on 31 December 2020.
Gain Trust and Win More Business
Data security is always going to be an ongoing priority. After all, personal data is valuable currency. Event delegates want to know that their personal information is in safe hands.
Those businesses that truly embrace personal data security will become known for being reliable and trusted providers. They will embrace new requirements as being part and parcel of doing business. They will win more business and vault the data gap whilst other providers will be struggling to navigate it safely. Some may fall in.
Good luck, just make sure you avoid the event data gap.