Lack of data regulation awareness could plague UK businesses
Global cyber security issues have plunged General Data Protection Regulation back into the limelight this week, with firms urged to check their responsibilities.
It comes on the back of Shred-it’s seventh annual Security Tracker – conducted by Ipsos – which found that 84% of small businesses are unaware of what the regulations will mean.
Some 43% of senior executives at larger firms are also uninformed of the new legislation which comes into force in May 2018, replacing existing European data protection laws.
The GDPR regulations should create a more consistent approach to data protection for those in the EU, but the latest figures suggest an alarmingly low level of awareness.
A lack of knowledge of the potential fines involved should be of most concern – just 14% of small business owners and 31% of senior executives knew that the fine for incompliance could be up to €20 million or 4% of global turnover.
These low levels of awareness come despite 95% of senior executives and 87% of small business owners claiming to at least partly understand the legal requirements of their specific industries.
Failing to meet the regulations could have far greater permutations than just the financial penalties alone, as business reputations can suffer greatly when they are on the wrong side of the law.
Close to two thirds of senior figures were aware of how data protection and privacy impact on brand image and reputation.
Add that to the financial penalties and smaller firms could face extreme pressures – 20% of firms told a study by Veritas Technologies earlier this year that they were fearful non-compliance would put them out of business.
Firms have been warned to seek appropriate advice on GDPR if they are unsure of their responsibilities, as firms could be declared insolvent should they be found guilty and unable to pay the fines or source alternative refinancing methods.
Just 40% of senior executives have started to prepare for the introduction of the new regulation, with the majority focusing on HR policies, staff training and internal audit functions.
By Phil Smith