Our Founder & CEO, Robert Baugh, was delighted to discuss potential Brexit Reforms – as set out in the DPDI Bill – with Andrew Rawlins-Catterall, the host of Mazars’ Tech for Leaders podcast.
The episode was recorded on 16 September 2022 and covers key areas of Accountability as well as possible impacts on the UK’s adequacy decision under EU GDPR. We’ve set out some of the main areas discussed below.
We discuss the differences between the Data Protection Officer regime under UK GDPR and the Senior Responsible Individual under the DPDI Bill. We look at whether it’s better or worse, easier or harder, when you need an SRI (and is the test the same as for the DPO) and what if you’ve already got a DPO?
There’s a key addition on SRIs’ duties compared to DPOs. We also discuss the possible liability of DPOs and SRIs, plus the continued difficulties presented by the no-conflict rule for SRIs.
We look at the practical effects – so far as we know at the date of recording – of the change of wording in relation to DSRs, by bringing in ‘vexatious’.
We also look at the history of ‘vexatious’ in FOIA cases and whether that’s applicable in data protection.
One of the big pains of GDPR, according to the UK government, is creating your records of processing. We discuss the practical changes, and whether it’s any easier under the DPDI Bill.
Privacy compliance is a big factor in trust. We discuss how risk assessments are still there, potentially more so, under the DPDI Bill.
There are some good changes to cookies and PECR. We run through this area, and include a discussion on the IAB Europe case.
There’s a sunset clause in the UK’s adequacy decision under GDPR, and the ability to review before then too. We discuss whether the DPDI Bill threatens the UK’s adequacy, either in the way transfers are treated or in the independence of the UK ICO with its new governance structure.
Don’t forget to get your own copy of Keepabl’s Side-by-side Guide on the Brexit Reforms under the DPDI Bill. It’s all so much clearer than wading through the Bill, we’ve done the work for you!
The Fintech Power 50, the annual guide to the most influential, most innovative companies and visionary personalities shaping the Fintech industry, has named Keepabl, the award-winning Compliance-as-a-Service making GDPR simple,…