GovWire

The Data Protection and Digital Information Bill proposes to update and simplify the UKs data protection framework and includes measures relating to areas such as digital identity and smart data. As originally submitted for RPC scrutiny, the IA was not fit for purpose because it had classified the proposal as non-qualifying under the pro-competition exclusion without providing an assessment against the four criteria in the better regulation framework guidance; and there was no indication of the potential scale of impact on business of the primary powers to require IT suppliers of products/services to the health and care system to meet specified open data architecture standards.

The revised IA has reclassified the measure as qualifying against the Business Impact Target (BIT); and has provided an indication of the potential scale of direct impacts on IT suppliers to the health and social care sector and provided further qualitative analysis of indirect costs. Therefore, along with the BIT re-classification, monetisation of direct impacts on business and assessment of impacts on Small and Micro Businesses the IA is now fit for purpose. Subject to better regulation framework requirements, further IAs supporting secondary legislation will need to be submitted to the RPC for validation of further EANDCB figures.