
The end of the Brexit implementation period on 31 December 2020 has brought with it significant changes to the data protection landscape for UK-based businesses. Amid headlines about data transfer issues and a potential adequacy decision for the UK in the coming months, businesses also need to be aware of significant changes to the way in which cross-border personal data breaches with a UK angle will need to be notified to data protection authorities (DPAs) in future.
The GDPR established a “one-stop-shop” principle, allowing companies to notify cross-border personal data breaches to a lead supervisory authority (LSA) in the EU … Continue Reading