The views and opinions expressed in this article are those of the thought leader as an individual, and are not attributed to CeFPro or any particular organization.
By Sean Miles, Head of Risk, Motor Insurers Bureau
What are some key regulatory developments within data privacy that institutions should be aware of?
We’re waiting for confirmation that the EU will grant the UK adequacy from a data protection point of view; whilst we expect adequacy to be granted, we should continue with our contingency arrangements until it is granted.
Separately the EU has published draft revised SCCs, which should be incorporated into data transfer arrangements where necessary. Further afield California votes approved their Privacy Rights Act (CPRA) in November 2020, with other states likely to follow suit. There’s a danger that we have an alphabet soup of legislation across the world to comply with, which will keep us all on our toes.
Also, the recently released ICO’s accountability framework is quite explicit in its expectations on entities; the expectations are certainly increasing from regulators.