News & Updates

Expert Help to Navigate Reformed GDPR Regulations

Angus MacLeod

Published byAngus MacLeod

24th June 2022

Expert Help to Navigate Reformed GDPR Regulations

The General Data Protection Regulation (GDPR) came into effect in the UK on 25 May 2018 and heralded a new understanding of how companies were using the public’s data.

Since then, internet users have become savvier about what data they are sharing, and with whom.

The recent Queen’s Speech included the confirmation that we can expect reforms to this legislation, but this has been met with confusion by many.

GDPR will not be going away, especially as individuals become ever more alert on how their data is handled, but the government’s headline on the reforms is that they’ll aim to ‘take advantage of the benefits of Brexit to create a world class data rights regime’. This means supposedly simplifying GDPR and making the rules more business friendly.

Angus MacLeod, Partner at Wright Johnston & Mackenzie LLP, said: “It is anticipated that the Data Reform Bill will review current data practices and bring them up to date, simplifying the administrative processes along the way.

The government says it wants to be flexible and focus on outcomes rather than box-ticking, but as ever the devil will be in the detail.”

UK-Europe challenges

Despite the EU currently accepting UK data law as an adequate alternative, the post-Brexit political landscape leaves this status on shaky ground as the UK amends its data laws.

For companies which operate both within the UK and Europe, differing rules may present another challenge.

We could potentially see businesses which conduct transactions with Europe having to also apply the original EU-specific GDPR regulations. This could mean, in some cases, they have to either balance dual relations or alternatively pick the ‘highest’ standard and proceed with that.

Experts on hand
We are ready to guide clients through this new minefield by helping them assess their processes and procedures and to ensure they are compliant.

Our solicitors have provided expert guidance around GDPR issues which typically fall into two camps – helping businesses to get preemptively compliant, and assisting others who have had problems as a result of not satisfying compliance regulation.

The former group usually includes companies which don’t have the tools at their disposal to be able to deal with GDPR regulations, such as conducting risk assessments.

For this, WJM is well equipped to assist in ensuring all data-handling procedure is above board.

The latter group have a more serious issue at hand, and requiring urgent legal assistance, as failures to handle people’s data correctly can result in reputation-damaging and expensive litigation from consumers.

WJM has a wealth of experience in resolving these fast-moving disputes.

The Information Commissioner’s Office (ICO) is exceptionally vigilant on compliance and consumer rights. With more consumers enlightened on their rights around data, the ICO has perhaps never been so pre-occupied with individual enquiries, which should be a warning to business that have not addressed underlying issues up to this point.

Regulation will continue to be dynamic and ever-changing, so it is paramount for businesses and institutions to have a detailed protocol in place to best ensure all data handling process is statutable.

Getting the right team of experts on your side and regularly auditing your process is key - especially with changeson the horizon.

Speak to WJM’s Data Protection team today. 


This article first appeared in Business Comment magazine 

The information contained in this newsletter is for general guidance only and represents our understanding of relevant law and practice as at June 2022. Wright, Johnston & Mackenzie LLP cannot be held responsible for any action taken or not taken in reliance upon the contents. Specific advice should be taken on any individual matter. Transmissions to or from our email system and calls to or from our offices may be monitored and/or recorded for regulatory purposes. Authorised and regulated by the Financial Conduct Authority. Registered office: 302 St Vincent Street, Glasgow, G2 5RZ. A limited liability partnership registered in Scotland, number SO 300336.