Achieving EU data adequacy ‘increasingly challenging’, minister admits
With time running out to secure adequacy decision before end of transition period, organisations are advised other mechanisms will be available
With little more than a month remaining, government has admitted it faces an “increasingly challenging” task to achieve EU data adequacy status before the end of the Brexit transition period.
For some months, the government has been working with the European Commission to try and ensure data adequacy status – which would mean that data could continue to be legally transferred between UK businesses and public sector bodies and organisations in the remaining 27 member states.
Minister for data John Whittingdale said that the government is “working constructively with the commission to secure data adequacy by the end of the transition period [and] we see no reason why we should not be awarded adequacy”.
“However, the process is controlled by the commission,” he added. “And we are realistic about the increasingly challenging timelines for completion.”
Whittingdale advised UK firms that, even if adequacy cannot be achieved before the end of the year, they can look to “alternative legal mechanisms to continue receiving personal data from the EU”.
“Standard Contractual Clauses (SCCs) are the most common legal safeguard and will be the relevant mitigation for most organisations,” he said. “The ICO has created an interactive SCCs tool for businesses to use and further guidance can be found on GOV.UK and the ICO’s website regarding steps organisations may be required to take relating to data protection and data flows by the end of the transition period.”
Whittingdale’s comments were made in answer to a written parliamentary question from Scottish National Party MP Brendan MacNeil.
Legacy IT has accounted for 80% of additional expense, according to PAC
Public Accounts Committee points to need for more funding and legislative changes
Local authorities ink six-year contract
Chief executive Julie Lennard on the role of tech in responding to the pandemic, and how people’s expectations of online tools have changed
The remote-first world has seen email being relied on more than ever as a core communication mechanism - but with 93% of IT leaders acknowledging a risk to sensitive data, what steps should be...
2020 was a cyber security wake up call for many organisations. Attempting to provide secure remote access and device flexibility quickly exposed the flaws in legacy systems and processes. As we...
One Trust breaks down the modular approach of the new SCCs
In 2020 public sector organisations have been tested to a degree never experienced before. According to CrowdStrike, increasing cybersecurity attacks are an additional complication they must...