Processing health data could become a lot more difficult if the UK diverges from current European general data protection regulation (GDPR), an employment lawyer has warned.
And if the UK’s proposed new rules, which would add more red tape to businesses, do not meet sufficient standards the trading bloc could suspend data sharing with the UK altogether.
At the Conservative Party conference yesterday, culture secretary Michelle Donelan revealed government plans to replace the GDPR data protection rules with a “business and consumer-friendly” British data protection system.
Donelan committed to a “simpler” system that she claimed would mean British businesses would no longer be “shackled by lots of unnecessary red tape”.
Since leaving the European Union, current UK data protection rules largely mirror those imposed on EU member countries.
But speaking to Health & Protection, Keystone Law partner Jacqueline McDermott warned divergence from EU law could present difficulties for platforms providing health benefits into the EU and the UK.
“Until we see how they change the GDPR, it’s hard to be clear,” McDermott said.
“But there could be difficulties for any entities that they may have within the EU, because they might want to transfer sensitive or personal data to the UK.
“They may not be able to do it if the EU determines that we don’t have the equivalent data protection so it could be an issue.
“Until we see what they are proposing to do and whether there are any arrangements to cover that, it’s hard to really comment because at the moment, we’ve got broadly the same GDPR as we had when we were in the EU.”