Some 84% of small business owners and 43% of senior executives of large companies in the UK are unaware of the forthcoming General Data Protection Regulation (GDPR), according to a study by Shred-it.From May 2018 the GDPR will replace existing European data protection laws. The purpose of the law is to bring greater strength and consistency to the data protection given to individuals within the EU.
Shred-it’s Security Tracker survey, conducted by Ipsos, also found that only 14% of small business owners and 31% of senior executives knew the fine associated with the new regulation, which is up to €20 million or 4% of global turnover, even despite 95% of senior executives and 87% of small business owners claiming to have some understanding of their industry’s legal requirements.
If businesses breach the forthcoming legislation and fail to grasp its implications they not only risk severe financial penalties, but also any reputational damage. Research shows that 64% of executives agree that their organisation’s privacy and data protection practices contribute to reputation and brand image.
Only 40% of senior executives, claiming to be aware of the law, have begun to prepare for the GDPR. This is in spite of 60% agreeing that the change in legislation would put pressure on their organisation to change information security policies.
Robert Guice, senior vice president Shred-it EMEAA, says: “From implementing stricter internal data protection procedures such as staff training, internal processing audits and reviews of HR policies, to ensuring greater transparency around the use of personal information, businesses must be aware of how the legislation will affect their company to ensure they are fully compliant.”
According to Guice, governmental bodies such as the Information Commissioner’s Office (ICO), must take a leading role in supporting businesses to get GDPR ready, by helping them to understand the preparation needed.
We recently reported on how the Minister for Digital and Culture offered reassurances over the impact of a data protection law coming into force next year on the use of facial recognition technology for crime-fighting purposes.
Check out the findings of the Shred-It survey in infographic form below…
