Fewer than half of businesses ready for GDPR, warns UK gov

Organisations urged to prepare for the new data protection laws with only 4 months to go

The UK government has urged British businesses and charities to be prepared for the new data protection laws set to be introduced as part of the EU's General Data Protection Regulation (GDPR).

Due to be implemented in UK law via the Data Protection Bill in May 2018, GDPR is part of the government's plans to help the UK prepare for a successful Brexit. For starters, it will give the Information Commissioner's Office (ICO) more power to defend consumer interests and issue higher fines, of up to 17 million or 4% of a company's global turnover, for the most serious data breaches.

However, according to new research, the government said fewer than half of all businesses and charities are aware of the laws, even with only four months to go before they are implemented. And if businesses aren't ready, they could be hit by major fines.

UK secretary of state for digital, culture, media and sport, Matt Hancock, said organisations must keep up to speed with the new regulations. Speaking from the World Economic Forum in Davos, he warned: "We are strengthening the UK's data protection laws to make them fit for the digital age by giving people more control over their own data."

He added: "As these figures show, many organisations still need to act to make sure the personal data they hold is secure and they are prepared for our Data Protection Bill.

"There is a wealth of free help and guidance available from the Information Commissioner's Office and the National Cyber Security Centre, and I encourage all those affected to take it up."

While businesses in the finance and insurance sectors are said to have the highest awareness of the changes to be brought in through the EU's GDPR, organisations in the construction industries are said to have the lowest awareness, with only one in four aware of the incoming regulation.

The research also suggests that awareness is higher among businesses that report their senior managers consider cyber security is a fairly high or a very high priority, with two in five aware of the GDPR.

Nevertheless, the UK government said there's still time for organisations to prepare, adding that those already complying with the existing Data Protection Act are well on the way to being ready in time for GDPR.

"There will be no regulatory grace' period, but the ICO is a fair and proportionate regulator," the UK gov website states. "Those who self-report, who engage with the ICO to resolve issues and demonstrate effective accountability, can expect this to be taken into account when the ICO considers taking action."

Featured Resources

Digital document processes in 2020: A spotlight on Western Europe

The shift from best practice to business necessity

Download now

Four security considerations for cloud migration

The good, the bad, and the ugly of cloud computing

Download now

VR leads the way in manufacturing

How VR is digitally transforming our world

Download now

Deeper than digital

Top-performing modern enterprises show why more perfect software is fundamental to success

Download now

Recommended

CTO job description: What does a CTO do?
Business strategy

CTO job description: What does a CTO do?

2 Oct 2020
How to delete a Facebook business page
social media

How to delete a Facebook business page

15 Sep 2020
What does a CISO do?
Careers & training

What does a CISO do?

17 Aug 2020
Amazon Contact Lens gives call center managers real-time call insight
Amazon Web Services (AWS)

Amazon Contact Lens gives call center managers real-time call insight

23 Jul 2020

Most Popular

The top 12 password-cracking techniques used by hackers
Security

The top 12 password-cracking techniques used by hackers

5 Oct 2020
iPhone 12 lineup official with A14 Bionic chip and 5G support
Mobile Phones

iPhone 12 lineup official with A14 Bionic chip and 5G support

13 Oct 2020
Google blocked record-breaking 2.5Tbps DDoS attack in 2017
Security

Google blocked record-breaking 2.5Tbps DDoS attack in 2017

19 Oct 2020