As Britain considers its position in Europe, UK businesses are paying increased attention to the implications of a Brexit on their operations.
Until now, most have been preoccupied with political and economic factors, and companies’ contingency plans have largely reflected this. But what are the implications for one of our most important business tools – our data?
In today’s digitised world we are creating and relying on more data than ever before – it’s one of any organisation’s most valuable assets.
But don’t forget, this plethora of data has to be stored somewhere and, especially if Britain leaves the EU, it is vital businesses know exactly where they are storing theirs. That’s because a Brexit could have a significant impact on UK data laws. Organisations operating in the UK could be forced to store their data here.
Of course, on top of a potential Brexit, there’s the added upheaval of the new General Data Protection Regulation (GDPR) laws coming into force in 2018, and an ever increasing focus on privacy regulations, which could also involve changes to the way organisations store and govern their data.
Given this changing landscape, the topics of data sovereignty, compliance and portability – where UK business data will need to be stored and how easy it will be to move it – should be of principal concern to any organisation. Not moving it could result in failure to meet standard compliance, which may lead to anything from a hefty fine through to a loss in reputation. And yet, despite this, evidence indicates that organisations are taking little action to prepare.
In fact, to explore the potential impact of the UK leaving the EU and get an idea on preparedness for it, we recently commissioned an independent survey of 250 IT decision makers from across the public and private sector. Surprisingly, the research found that, for the large part, organisations aren’t prepared for a potential Brexit and its likely impact.
Over 60 per cent couldn’t say with confidence where their data is stored, while more than a third said they have data which is currently stored outside the UK. And only 10 per cent of those organisations with data outside of the UK were in a position to bring it back to UK soil if needed.
It’s also worth remembering that a lack of consideration for the changing landscape could have extensive financial implications. Our survey showed it will cost an average of £1.6m for each organisation to move their data so it is all hosted in the UK – and this is generally a conservative estimate. When you add to this the cost of likely downtime, staff resource and getting out of the existing contract, we envisage this cost actually being far more.
Ultimately, a Brexit is a possibility and we know there are going to be new GDPR laws, so although we don’t know what exactly the next twelve months might entail, changes could be coming that mean it makes sense for businesses to get to better grips with their data now.
As a first step, every organisation will need to ask itself how it can even begin to assess the impact of a changing data governance landscape, if it doesn’t even know where their data currently is. Re-establishing control of data, and ensuring that this location and control is considered in all activities, will mean businesses are better prepared in the event of any changes in the future, whether that be a Brexit or further changes which may be on the horizon.