The government chose the platform of the Queen's speech to announce a whole raft of changes and new laws. One of these was the Data Reform Bill. I could almost hear the collective groan of UK business as another change to data compliance was tabled. So, what does it actually mean in practical terms and will it be very different from GDPR?
Whatever happens with the Data Reform Bill, Datasense are here to help!
What is the Data Reform Bill all about? Well, that is a very good question. At this stage, it's actually rather difficult to be precise because there are so few details actually available to be precise about. In essence, though this is about amending or changing the current GDPR legislation.
So, before everyone who remembers the commotion around GDPR when it was first announced goes off to find a quiet corner to scream in, it's worth mentioning the intention of these changes!
One of them is to reduce the paperwork burden on businesses and researchers when it comes to the best use of personal data. I think we all welcome any clarification in this area as it has been problematic, to say the least.
Other aims are to create a bill that will result in a reduction of what they call 'box-ticking' and focus on privacy outcomes rather than what they see as excessive paperwork. There are also a lot of good intentions about increasing competitiveness and getting rid of processes that create burdens for businesses with little benefit to citizens.
This is summarised by the intention to create a 'Gold Standard' for data protection. As to what they actually mean though, well we will need to wait a little longer for specifics. Read on, though because there are some things we do know.
Why is this happening?
I think it is fair to say that the change is primarily because of Brexit. According to government literature, the move is to take advantage of the benefits of Brexit and create a new pro-growth and trusted UK data protection framework.
When the UK left the EU most of the European laws were just carried over. GDPR was still embedding at the time and to change the law less than two years after it was introduced would probably not have been ideal. There has always been an agenda of data reform on the table, and this seems to be a continuation of that.
When will it happen?
Actually, this is a bit of a how long is a piece of string question. The consultation has finished, but the actual reforms themselves have not been released in any detail. As these are reforms, not a replacement law, that could speed things up. The full outcome of the consultation will be published in the coming months and from there we can start to guess at a timetable for the changes.
What will it mean for business?
The current lack of meaningful detail makes it difficult to be precise, but there are some elements we can draw conclusions from. The bill refers to enabling public bodies to share data so presumably, this means a different approach to data for the police, NHS, social services and so on, than the business community.
When it comes to a more general discussion, we are being told that there will be a culture of data protection rather than box-ticking. What this may mean is a set of outcomes or perhaps principles will be introduced allowing more freedom of interpretation of how they are applied.
This could be good in one respect; in that, it would allow a reduction in parts of the legislation that are problematic or hard to enforce for certain businesses. However, with the freedom of choice will come more onus on the business to make sure they are following the spirit of the reforms and meeting legislative requirements.
"If GDPR worked for your business, then it is likely to still be the case for the Data Reform Bill!"
For those businesses for whom this means either changing things to take advantage of new data freedoms or where the new legislation is significantly different from their requirements under GDPR, then it could mean a full review, implementation of new working practices and significant policy change.
Whatever happens with the Data Reform Bill, Datasense are here to help, and keep you informed. In the meantime, GDPR still applies, so it is always the best option to ensure you are meeting current legislation.
Until next time ...
GAYLE PARKER
Would you like to know more?
If anything I've written in this blog post resonates with you and you'd like to discover more about the Data Reform Bill, it may be a great idea to give me a call on 01604 420057 and let's see how I can help you.
As well as being the 'go to' for compliance and policy, Gayle has extensive experience of project management and has worked with businesses in a wide variety of sectors.
As you would expect from a compliance specialist, she is intensely detail-focused and capable of seeing both the small details and the big picture they fit into. She is also responsible for making sure the team behave (and also that don't get so distracted by the latest technology that they forget to go home in the evenings).
She is a self-confessed lover of policy and procedures and is the guiding light when it comes to ensuring everyone in Datasense and her clients are driven by practical processes that work for all.
No unauthorised use, duplication, distribution or modification to any original content contained within this blog is permitted without prior written permission of the author. All other trademarks and registered names are acknowledged.
