Fewer than half of businesses ready for GDPR, warns UK gov

Organisations urged to prepare for the new data protection laws with only 4 months to go

The UK government has urged British businesses and charities to be prepared for the new data protection laws set to be introduced as part of the EU's General Data Protection Regulation (GDPR).

Due to be implemented in UK law via the Data Protection Bill in May 2018, GDPR is part of the government's plans to help the UK prepare for a successful Brexit. For starters, it will give the Information Commissioner's Office (ICO) more power to defend consumer interests and issue higher fines, of up to 17 million or 4% of a company's global turnover, for the most serious data breaches.

Advertisement - Article continues below

However, according to new research, the government said fewer than half of all businesses and charities are aware of the laws, even with only four months to go before they are implemented. And if businesses aren't ready, they could be hit by major fines.

UK secretary of state for digital, culture, media and sport, Matt Hancock, said organisations must keep up to speed with the new regulations. Speaking from the World Economic Forum in Davos, he warned: "We are strengthening the UK's data protection laws to make them fit for the digital age by giving people more control over their own data."

Advertisement - Article continues below

He added: "As these figures show, many organisations still need to act to make sure the personal data they hold is secure and they are prepared for our Data Protection Bill.

"There is a wealth of free help and guidance available from the Information Commissioner's Office and the National Cyber Security Centre, and I encourage all those affected to take it up."

Advertisement - Article continues below

While businesses in the finance and insurance sectors are said to have the highest awareness of the changes to be brought in through the EU's GDPR, organisations in the construction industries are said to have the lowest awareness, with only one in four aware of the incoming regulation.

The research also suggests that awareness is higher among businesses that report their senior managers consider cyber security is a fairly high or a very high priority, with two in five aware of the GDPR.

Nevertheless, the UK government said there's still time for organisations to prepare, adding that those already complying with the existing Data Protection Act are well on the way to being ready in time for GDPR.

"There will be no regulatory grace' period, but the ICO is a fair and proportionate regulator," the UK gov website states. "Those who self-report, who engage with the ICO to resolve issues and demonstrate effective accountability, can expect this to be taken into account when the ICO considers taking action."

Featured Resources

The case for a marketing content hub

Transform your digital marketing to deliver customer expectations

Download now

Fast, flexible and compliant e-signatures for global businesses

Be at the forefront of digital transformation with electronic signatures

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

IT faces new security challenges in the wake of COVID-19

Beat the crisis by learning how to secure your network

Download now


Careers & training

What does a CISO do?

20 May 2020
Business strategy

CTO job description: What does a CTO do?

1 Apr 2020
social media

How to delete a Facebook business page

1 Apr 2020
data centres

Five business benefits of hyperconvergence

25 Mar 2020

Most Popular


Nokia breaks 5G record with speeds nearing 5Gbps

20 May 2020
cloud computing

Microsoft launches public cloud service for health care

21 May 2020
video conferencing

House of Commons to ditch Zoom in favour of British alternative

11 May 2020