However, 92% believe that it should only be stored in the UK. The study was carried out by a specialist cybersecurity company and showed that just over a quarter of experts were able to say for certain that their data was stored in the UK. Many others had no idea where the data was physically stored.
Those who took part in the survey said that they believe that the main risks of not knowing where data is stored include possible access to the data by foreign governments, being unsure about the qualifications of those who have access to the data, and a lack of integrity of the data once it has been stored in another country.
Experts have said that companies will need to have a better understanding of where their data is stored in order to comply with the EU GDPR which is due to come into effect in two years’ time. Even with the UK leaving the EU, British companies will still have to comply with the regulation if they want to continue trading within the EU region.
The Information Commissioner’s Office stated that the result of the referendum meant that the regulation would not apply directly to UK companies, but there will still be a requirement for British companies to show that their standards for data security meet the standards set out by the GDPR.