As Brexit begins to play out, its final form is shrouded in uncertainty. In stark contrast, what’s certain, is that Brexit, in whichever form it comes, will not prevent UK businesses from being affected by GDPR come May 2018.


Mistakenly, 44% of UK businesses believe the new EU data protection laws won’t apply to them, courtesy of Brexit; 24% of businesses have stopped GDPR preparation altogether because of this belief (research referenced by, 2017). On a side-note, it’s estimated that only 47% of businesses in the UK are actually aware of GDPR (UK Cyber Readiness Survey, 2017), which is a worrying issue in itself.


Why Brexit Won’t Save You from GDPR


Firstly, GDPR will apply from 25th May 2018, which is prior to the date that the UK is due to formally exit from the EU.


Secondly and more explicitly, the UK Government (Matt Hancock MP, Minister of State for Digital and Culture) confirmed in February this year that the GDPR will come into effect in the UK, regardless of our EU membership status. It’s the Government’s belief that GDPR enforces best practice for handling data.


At this point you may be thinking, if the UK leaves the EU then we can begin to draft our own data protection laws. You’d be correct in thinking this. However, we’d continue to be subject to the GDPR in situations where UK businesses process the personal data of EU citizens. Therefore, thirdly, even if the UK changed its stance on GDPR and began drafting entirely separate data protection law, it still affects companies holding data on EU citizens.


Be Prepared – GDPR Readiness Workshops


GDPR is coming and businesses need to be prepared.


GDPR Readiness Workshops review the extent of personally identifiable information (PII) held and processed by your business and assess the deficit of this in relation to GDPR compliance. This report is analysed and concrete steps are listed against each area of non-compliance to strengthen the processes around handling PII whether you’re a ‘controller’ or ‘processor’.  For further information on GDPR Readiness Workshops, email


What is GDPR?

GDPR is the first major legislative change to European Data Protection law since Directive (95/46/EC) which was written in the 90’s. With fines as high as 20 million Euro’s or up to 4% of global annual turnover (whichever is greater), it’s been ratified by the UK and is due to come into force in May 2018.