Skip to content
  • Homepage
  • Our Solutions
    • Document Storage and Records Management
      • Deed Storage
      • Long Term Storage
      • Media Storage Solutions
      • On Demand Storage
      • Onsite Management
      • Secure Vault Storage
    • AP Invoice Automation Solution
      • Start Your AP Journey
      • E-Invoicing
      • Features
      • ERP Integrations
      • Insights by Industry
      • Why Kefron AP?
      • Pricing
    • IT Asset Disposition Services
      • IT Asset Disposal
      • Hard Drive Shredding Services
      • Secure Data Destruction
      • WEEE Recycling and Electrical Waste Disposal
      • Refurbished IT Equipment
      • IT Equipment Resale and Revenue Return
    • Scanning and Data Capture
      • Scan to Digitise
      • Scan to Process
      • Digital Mailroom
      • Microfiche Scanning
    • Online Document Solutions
      • Online Document
        Management Software
      • Online Document Storage
    • Business Process Services
      • Data Management
      • Data Subject Access Requests
      • Securities and Deeds Management
  • Who We Are
    • About Kefron
    • Who We Are
    • Partners
    • Contact Us
    • Working with Kefron
  • News & Events
    • News & Events
    • Articles & Updates
    • Customer Stories
    • Upcoming Events
    • On-demand Events
    • Select Location
    • Ireland
    • United Kingdom
    • United States
    • Rest of the world
  • Let’s Talk
  • Republic of Ireland website
  • UK website
  • US website
  • Rest of the world website

Brexit & GDPR: How will UK businesses be affected?

First published September 2016

Britain exiting the European Union will have huge ramifications for UK businesses. Do you understand how your business will be affected?
As the UK public voted to leave the European Union, a collective sigh of relief must have rung out across the nation from businesses who, in their mind, believed that the General Data Protection Regulation and its associated laws could now be cast aside, never to be mentioned about again.

Unfortunately for some, this is not entirely true. In fact, while the UK has voted to leave the European Union, many companies will still be constrained by the law. In short, if your business trades with European member states and possesses information on EU citizens, you will be affected.

Still confused or unsure about whether your organisation needs to comply with the new data protection and cyber security laws coming into effect in 2018? Read on to find out everything you need to know.

The consequences of delaying Article 50 of the Lisbon Treaty

The reason why most companies are so uncertain about how Brexit will affect compliance with the GDPR comes down to timing.

The government’s choice to delay the activation of Article 50 of the Lisbon Treaty until 2017 is significant as it means the UK will almost certainly experience life under the GDPR. The only eventuality where this does not happen is if withdrawal arrangements are negotiated and unanimously agreed upon before the regulation comes into effect on Friday 25th May 2018. However, this is unlikely to happen.

Here lies one of the most common misconceptions associated with the GDPR and Brexit. Many organisations believe that the UK’s exit from the European Union means that they will not have to prepare for change as the regulation will only affect the remaining 27 EU member states. This is simply not the case.

The GDPR and the Long Arm of the Law

If your organisation is not familiar with the intricacies of the GDPR (just like 44% of IT professionals indicated in a recent poll by Computer Weekly), the companies most likely to be affected are those that offer goods or services to EU citizens, as well as collect, control, handle or process data on individuals residing in a European member state.

So regardless of whether the UK is in the European Union or not, if you are a company that performs any of the aforementioned actions in relation to an EU resident, you will need to abide by the laws governed by the GDPR. Territories such as the United States, India, Australia and China will all be affected in the same way.

Problems associated with Brexit and GDPR

The most common problem faced by the majority of UK-based organisations is that they already possess personal data from individuals living in the remaining 27 EU member states (including UK citizens living in the EU).

If those responsible for data collection at your business do not fully understand the new guidelines and utilise this data in an unlawful manner, the consequences may be devastating.

If this is a situation that your business finds itself in, compliance with the GDPR is imperative otherwise you may experience the following:

  • An unexpected expenditure from your cyber security budget due to the legal implications of obtaining data unlawfully
  • A fine from the GDPR governing body, which could range from €250,000 to €1,000,000, or 2% of your global turnover, due to breaching outlined provisions
  • Difficulty utilising and processing existing data to use in Big Data initiatives after 2018
  • Indecisiveness at board level resulting in an incredibly short time scale to implement necessary processes and safeguards

Should your business still prepare for the GDPR?

If your business trades with or processes the personal data of EU residents, you will still be bound by the new regulation’s provisions. There are only a few requirements that may no longer apply – for example, the necessity of a Data Protection Officer.

If your business does not directly trade or collect data from individuals in the EU, you should still review your data protection processes.

The GDPR has been put in place to highlight data protection best practice. Therefore, the best advice for companies is to embrace this new framework, as it is likely the UK will soon have its own data protection regulation that utilises similar principles.

Leaving the European Union will not make a significant difference to the majority of UK businesses with regards to the GDPR. If your company already has a framework in place that it is using to ensure compliance with the GDPR, it is recommended that this planning and preparation continues.

If you’re unsure about where to start, organisations should look to implement the following:

  • A review of all technical and procedural controls around your data, including the data that it currently possesses
  • Re-writing all documentation associated with your organisation’s privacy policies so that they are in clear and concise terms (or plain English)
  • Creation of new processes and procedures that will help to handle data subject and data deletion requests

The GDPR is not something that should be considered an inconvenience. It has been created so that companies are better able to cater to the needs of their customers, whilst formulating universal best practice protocols to aid information management policies, procedures, and technologies. This will minimise possible data loss incidents, as well as data breaches.

Is your business ready for the General Data Protection Regulation?

BlogBusiness Processes

Related articles

Impact of New Digital Legislation on Irish and European Businesses in 2025

BlogBusiness Processes

The 2024 Digital Legislation, including the EU AI Act, Digital Services Act (DSA), NIS2 Directive, and Cyber Resilience Act, significantly impacts Irish and European businesses. Key areas affected include AI regulation, cybersecurity, and platform ac...

Read more

6 Simple Steps To Creating A Paperless Office

BlogBusiness Processes

How can you make the switch to a paperless office? Here are 6 simple steps to help your company make the dream a reality. Read our latest blog.

Read more

GDPR Compliance: One Year On, How Has Your Business Been Affected?

BlogBusiness Processes

Only a year ago, the long-awaited arrival of the European Union’s stringent GDPR final ended, and the business world would never be the same again. But now than the dust has settled, has the expected dramatic shake-up to data protection actually ha...

Read more

GDPR: Non-Compliant Businesses Facing First Fines

BlogBusiness Processes

It is now 6 months since the EU’s new data protection measures, the General Data Protection Regulation (GDPR), finally came into effect. But although May 25th had long been known as the deadline, there are still companies out there who are not yet ...

Read more

Data Protection in Hospitals: How To Rectify GDPR Failings In The Hospital Sector

BlogBusiness Processes

Not every sector has yet complied with GDPR. One of the biggest is the Hospitals Sector, with the Data Protection Commission highlighting 14 matters of concern it has found in hospitals. But while the situation is serious, some key steps are all that...

Read more

Why Maximizing Staff Awareness Is The Key To A Smooth GDPR Transition

BlogBusiness Processes

With D-Day fast approaching, full GDPR readiness should almost be complete. But does your staff really understand their role in the transition? Staff awareness is not only a key part of compliance, it can strengthen your organisation’s long-term po...

Read more

Data Protection Impact Assessments: What Are They and Why The GDPR Insists On Them

BlogBusiness Processes

With the GDPR around the corner, companies throughout Europe have had to re-examine both their business structures and practices. With the new regulations relating to data protection, Data Protection Impact Assessments are set to become compulsory. B...

Read more

5 Benefits Getting GDPR Ready Brings To Your Business

BlogBusiness Processes

For many business owners, the imminent arrival of the EU’s General Data Protection Regulations (GDPR) next year is something that is keeping them up at night. But initiatives associated with getting GDPR-ready are set to also bring real benefits to...

Read more

How CCTV Footage Has Become A Data Protection Matter

BlogBusiness Processes

CCTV used to be considered a solution to security issues. But in recent years, data protection legislation in both the UK and Ireland has reflected concerns over privacy and personal rights. Storing recorded security footage is now considered the s...

Read more

Why Storing Dark Data and Mining Its Secrets Benefits Businesses

BlogBusiness Processes

With a name that, alone, suggests it’s something no enterprise should want to keep, Dark Data is often a misunderstood presence in company servers. In fact, despite its ominous name, it is actually a highly-valuable asset, and storing Dark Data and...

Read more

Get in touch

Ireland
53 Park West Road
Dublin 12, D12 F8RK
T: +353 (0)1 438 0200

Connect with us

TwitterYouTubeInstagramLinkedInFacebookVimeo

  • Privacy Statement
  • Terms And Conditions
  • Sitemap

© Copyright 2025 Kefron. All Rights Reserved

Please confirm your country

  • Ireland
  • United Kingdom
  • United States
  • Rest of the World

Confirm

We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies.

Cookie Settings Accept All
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checkbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
Save & Accept