The UK Government has confirmed it will implement GDPR, in spite of the EU referendum decision to leave the European Union. Secretary of State Karen Bradley MP told a House of Commons Select Committee : “We will be members of the EU in 2018 and therefore it would be expected and quite normal for us to opt into the GDPR . . . (in order to) to help British business with data protection while maintaining high levels of protection for members of the public.”
The deadline by which organisations must comply with GDPR is May 25th 2018. Since Article 50 (the formal mechanism for leaving the EU) triggers a 2-year withdrawal process, it follows that UK organisations will be obliged to comply with GDPR for, at minimum, an interim period pending full withdrawal.
For many organisations, the interim compliance is likely to become a permanent requirement. According to the UK Information Commissioner’s Office (ICO), UK organisations will be obliged to comply with GDPR “or something very similar to it” (01.07.16) if they intend to continue trading with the single market.