Most UK businesses are still not GDPR compliant

Despite the having taken effect more than a year ago, a 'good enough' approach is taking over

Graphic of individuals being glared at by cameras and having their privacy invaded

More than half of UK businesses are still not GDPR compliant over a year since the legislation came into force, according to a report from Egress.

Although nearly all businesses that responded to the survey (96%) said they had invested in GDPR compliance over the past 12 months, the majority are still leaving themselves open to debilitating fines.

Of the 52% that said they were non-compliant, 42% of them said they were "mostly compliant" with the data protection laws that came into effect in May 2018 under the Data Protection Act 2018.

"The fact they are not yet over the line demonstrates a loss of focus on achieving the necessary standard," read the report. "This is supported by the fact that more than one-third (35%) said GDPR compliance has become less of a priority in the past 12 months.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

"Even the ICO's announcement of its intention to issue multimillion-pound fines to BA and Marriott Hotels has not reignited urgency; only 6% of respondents said it had shocked their business back into awareness."

The understanding that GDPR has been the catalyst in the "unprecedented" fourfold increase in data breach reports since its implementation was echoed in the report which revealed 37% of GDPR decision-makers were obliged to report a breach to the ICO in the past 12 months.

The fines that can be dished out as a result of a breach may scare some, but that isn't reflected in the survey of UK GDPR decision-makers. A large majority of respondents (70%) were positive about GDPR, proactively protecting the data it holds. Although a portion of these may not be proactively protecting data to a lawful extent, 62% said their organisation had made GDPR a priority of the past year.

"Since the rush to meet last May's deadline, we now appear to be seeing an 'almost compliant is close enough' attitude towards GDPR, with a significant percentage of decision-makers indicating that focus has waned in the past 12 months," said Tony Pepper, CEO at Egress.

Going forward, investment in GDPR is shifting towards new processes around the handling of sensitive data 28% said this was the biggest area of investment since they started implementing GDPR-ready protection.

"It's positive to see that almost one-fifth (17%) of respondents are looking to technology as a way to mitigate breaches, but they must ensure these solutions tackle human error as the root causes of many of these incidents," said Pepper.

Advertisement - Article continues below

"They must look to the latest advances in security and DLP technology that can map a user's behaviour to prevent the array of mistakes that put data at risk from falling for phishing attacks that can lead to malware infections or stolen credentials, to misdirecting emails or attaching the wrong documents.

"GDPR is here to stay, and we're only going to see more companies penalised for data breaches unless we're able to overcome these issues."

Featured Resources

Transform the operator experience with enhanced automation & analytics

Bring networking into the digital era

Download now

Artificially intelligent data centres

How the C-Suite is embracing continuous change to drive value

Download now

Deliver secure automated multicloud for containers with Red Hat and Juniper

Learn how to get started with the multicloud enabler from Red Hat and Juniper

Download now

Get the best out of your workforce

7 steps to unleashing their true potential with robotic process automation

Download now
Advertisement

Most Popular

Visit/security/vulnerability/354309/patch-issued-for-critical-windows-bug
vulnerability

Patch issued for critical Windows bug

11 Dec 2019
Visit/cloud/microsoft-azure/354230/microsoft-not-amazon-is-going-to-win-the-cloud-wars
Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019
Visit/hardware/354193/buy-it-to-grow-not-slow-your-business
Sponsored

Buy IT to grow, not slow, your business

25 Nov 2019
Visit/operating-systems/microsoft-windows/354297/this-exploit-could-give-users-free-windows-7-updates
Microsoft Windows

This exploit could give users free Windows 7 updates beyond 2020

9 Dec 2019