Fewer than half of businesses ready for GDPR, warns UK gov

Organisations urged to prepare for the new data protection laws with only 4 months to go

The UK government has urged British businesses and charities to be prepared for the new data protection laws set to be introduced as part of the EU's General Data Protection Regulation (GDPR).

Due to be implemented in UK law via the Data Protection Bill in May 2018, GDPR is part of the government's plans to help the UK prepare for a successful Brexit. For starters, it will give the Information Commissioner's Office (ICO) more power to defend consumer interests and issue higher fines, of up to 17 million or 4% of a company's global turnover, for the most serious data breaches.

However, according to new research, the government said fewer than half of all businesses and charities are aware of the laws, even with only four months to go before they are implemented. And if businesses aren't ready, they could be hit by major fines.

UK secretary of state for digital, culture, media and sport, Matt Hancock, said organisations must keep up to speed with the new regulations. Speaking from the World Economic Forum in Davos, he warned: "We are strengthening the UK's data protection laws to make them fit for the digital age by giving people more control over their own data."

Advertisement - Article continues below
Advertisement - Article continues below

He added: "As these figures show, many organisations still need to act to make sure the personal data they hold is secure and they are prepared for our Data Protection Bill.

"There is a wealth of free help and guidance available from the Information Commissioner's Office and the National Cyber Security Centre, and I encourage all those affected to take it up."

While businesses in the finance and insurance sectors are said to have the highest awareness of the changes to be brought in through the EU's GDPR, organisations in the construction industries are said to have the lowest awareness, with only one in four aware of the incoming regulation.

The research also suggests that awareness is higher among businesses that report their senior managers consider cyber security is a fairly high or a very high priority, with two in five aware of the GDPR.

Nevertheless, the UK government said there's still time for organisations to prepare, adding that those already complying with the existing Data Protection Act are well on the way to being ready in time for GDPR.

"There will be no regulatory grace' period, but the ICO is a fair and proportionate regulator," the UK gov website states. "Those who self-report, who engage with the ICO to resolve issues and demonstrate effective accountability, can expect this to be taken into account when the ICO considers taking action."

Featured Resources

Digitally perfecting the supply chain

How new technologies are being leveraged to transform the manufacturing supply chain

Download now

Three keys to maximise application migration and modernisation success

Harness the benefits that modernised applications can offer

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

The 3 approaches of Breach and Attack Simulation technologies

A guide to the nuances of BAS, helping you stay one step ahead of cyber criminals

Download now


digital transformation

Four ways CIOs can drive digital transformation

17 Jan 2020
Business strategy

CIO job description: What does a CIO do?

7 Jan 2020

How can you protect your business from crypto-ransomware?

4 Nov 2019
wifi & hotspots

How to boost your business Wi-Fi

22 Oct 2019

Most Popular

operating systems

17 Windows 10 problems - and how to fix them

13 Jan 2020
Microsoft Windows

What to do if you're still running Windows 7

14 Jan 2020
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020
mergers and acquisitions

Xerox to nominate directors to HP's board – reports

22 Jan 2020