Skip to main content

We use strictly necessary cookies to make our site work. We would also like to set optional cookies (analytical, functional and YouTube) to enhance and improve our service. You can opt-out of these cookies. By clicking “Accept All Cookies” you can agree to the use of all cookies.

Cookies Statement and Privacy Statement


Information for health care workers is available on Coronavirus guidance documents are available on

New rules around Data Protection for Brexit

Information HSE managers need about the transfer of personal data to UK companies from 31 December 2020.

Published: 6 October 2020

Updated: 19 January 2021

The UK has left the EU. The transition period ended on 31 December 2020.

Recent negotiations resulted in the EU-UK Trade and Cooperation Agreement. This agreement is shortly due to be ratified by both parties.

Sharing Data with the United Kingdom

This EU-UK Trade and Cooperation Agreement means the HSE can continue, for the duration of a specified period (four to six months from 1 January 2021), to transfer personal data to the UK for processing and storage.

During this period there is no requirement for HSE managers to sign an EU Standard Contractual Clauses with UK-based suppliers.

So if a UK company you work with transfers, processes, stores or accesses personal data you do not need to require them to sign an EU Standard Contractual Clause document.

The EU-UK Agreement contains provisions which mean that, for the duration of the specified period, (four to six months from 1 January 2021) transmission of personal data from the Union to the United Kingdom shall not be considered as a transfer to a third country under Union law.

The parties have also agreed a declaration on the Adoption of Adequacy Decisions with Respect to the United Kingdom which sets out the European Commission’s intention to promptly launch the procedure for the adoption of adequacy decisions with respect to the UK under the General Data Protection Regulation and the Law Enforcement Directive.

Read the text of the EU-UK Agreement on Trade & Co-operation here.

Data Protection Commission – Frequently Asked Questions on Data Protection and Brexit

European Data Protection Board statement

Information note from the European Data Protection Board

For more information about this topic or if you have questions, or concerns e-mail the HSE Data Protection Officer at 


Related Content

  • Commission Decision of 5 February 2010
    Commission Decision of 5 February 2010 on standard contractual clauses for the transfer of personal data to processors established in third countries under Directive 95/46/EC of the European Parliament and of the Council (notified under document C(2010) 593)Text with EEA relevance
  • Brexit gdpr letter pdf file
    pdf of brexit supplier letter
  • Brexit gdpr letter template word file
    Using this template, contact each company asking that they complete and sign the EU Contractual Clauses Agreement.