How to navigate GDPR complexity

There’s been a lot of turbulence in the data privacy regulation space in the past couple of years. Post Brexit, there was a risk for the UK to be digitally isolated from the EU.

For the moment, the General Data Protection Regulation (GDPR) has been kept in UK law as the UK GDPR, and the EU recognizes the UK under the GDPR and the LED (Law Enforcement Directive) as providing adequate data protection, which means that data can – for the most part – continue to flow.

This adequacy status will last until June 2025, and the EU Commission will then decide whether to extend this for the next four years or give the UK an adequacy status similar to that of Switzerland, Andorra, etc.

Whether your company is in the UK or in the EU, being compliant with the UK GDPR or the EU GDPR is important, because fundamentally the two are very similar. When organizations map out data processes, many of them will need to review existing contracts, particularly making sure that anything that they present publicly on their privacy policy is up to date and isn’t referencing out of date data compliance laws.

In this video for Help Net Security, Dave Horton, VP of Solutions Engineering at Odaseva, explains how the GDPR has evolved in the last four years.