UK Large Businesses Lagging in GDPR Compliance: Report | GBAF

UK Large Businesses Lagging in GDPR Compliance: Report | GBAF

Editorial & Advertiser disclosure

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.

Home > Business > 78 PER CENT OF UK ENTERPRISE STILL NOT IN A GDPR STATE OF MIND

78 PER CENT OF UK ENTERPRISE STILL NOT IN A GDPR STATE OF MIND

Published by Gbaf News

Posted on September 2, 2017

5 min read

Last updated: January 21, 2026

Engine flush products improving vehicle performance and longevity - Global Banking & Finance Review — This image represents the growing engine flush market, highlighting advancements in lubricants improving engine performance and reducing carbon footprint, as discussed in the article.

Majority of UK businesses with 5,000+ employees are still concerned about GDPR and have work to do before they are fully compliant

A new report from CA Technologies* (NASDAQ: CA) reveals that only just over a quarter (28%) of large businesses in the UK have started preparing for the European General Data Protection Regulation (GDPR), which comes into force in May 2018.

And, only 22 per cent are completely prepared and waiting to get started, according to decision makers. Preparations are unlikely to be simple; GDPR is set to ramp up the legal data privacy rights of customers, specifically with personal data being extended to include social media posts, photographs, transaction histories and IP addresses and more. Yet when asked about the safe storage of sensitive and personally identifiable data (PII), almost one in five respondents (18%) were not confident that it was stored in places where only their organisation could access it. In addition, a third (34%) are not yet able to detect PII and other sensitive data during development.

Conversely, the respondents cited confidence in board-level awareness of GDPR and ability to act. The majority of business leaders questioned (89%) were confident about their board’s readiness, with 57 per cent boasting “very” and “reasonable” levels of confidence.

“Larger businesses may well receive more attention from the public on GDPR compliance. They are likely to hold more sensitive data and have higher profits than their smaller counterparts, so the regulators will be watching closely,” Rob Coleman, UKI CTO at CA Technologies commented. “There’s a worrying disparity between confidence in the board’s preparedness and actual readiness to act when we look at the specifics around storage, security and development. GDPR needs to be embedded into every single element of the business, with programmes represented by each unit of the organisation; including HR, finance, legal and IT.”

Critical to GDPR compliance is secure storage of data and appropriate access. While 54% indicate they are “reasonably” (25%) or “quite” (29%) confident, only a quarter (27%) of respondents are “very confident” that all sensitive data and PII can only be accessed from within the organisation. Denying access to former employees when they leave the business is essential to this, but only 23% revoke access within minutes, and a worrying 3% can take a year or longer.

“There is an opportunity for organisations to do better when it comes to handling sensitive data,” adds Coleman. “GDPR won’t be letting security breaches sit unnoticed. UK businesses need to move fast to ensure that they are compliant, and that more importantly, that they are delivering the high level of security and service that their customers expect in today’s application economy.”

To learn more about GDPR concerns within larger enterprises, download the full report here.

Majority of UK businesses with 5,000+ employees are still concerned about GDPR and have work to do before they are fully compliant

A new report from CA Technologies* (NASDAQ: CA) reveals that only just over a quarter (28%) of large businesses in the UK have started preparing for the European General Data Protection Regulation (GDPR), which comes into force in May 2018.

And, only 22 per cent are completely prepared and waiting to get started, according to decision makers. Preparations are unlikely to be simple; GDPR is set to ramp up the legal data privacy rights of customers, specifically with personal data being extended to include social media posts, photographs, transaction histories and IP addresses and more. Yet when asked about the safe storage of sensitive and personally identifiable data (PII), almost one in five respondents (18%) were not confident that it was stored in places where only their organisation could access it. In addition, a third (34%) are not yet able to detect PII and other sensitive data during development.

Conversely, the respondents cited confidence in board-level awareness of GDPR and ability to act. The majority of business leaders questioned (89%) were confident about their board’s readiness, with 57 per cent boasting “very” and “reasonable” levels of confidence.

“Larger businesses may well receive more attention from the public on GDPR compliance. They are likely to hold more sensitive data and have higher profits than their smaller counterparts, so the regulators will be watching closely,” Rob Coleman, UKI CTO at CA Technologies commented. “There’s a worrying disparity between confidence in the board’s preparedness and actual readiness to act when we look at the specifics around storage, security and development. GDPR needs to be embedded into every single element of the business, with programmes represented by each unit of the organisation; including HR, finance, legal and IT.”

Critical to GDPR compliance is secure storage of data and appropriate access. While 54% indicate they are “reasonably” (25%) or “quite” (29%) confident, only a quarter (27%) of respondents are “very confident” that all sensitive data and PII can only be accessed from within the organisation. Denying access to former employees when they leave the business is essential to this, but only 23% revoke access within minutes, and a worrying 3% can take a year or longer.

“There is an opportunity for organisations to do better when it comes to handling sensitive data,” adds Coleman. “GDPR won’t be letting security breaches sit unnoticed. UK businesses need to move fast to ensure that they are compliant, and that more importantly, that they are delivering the high level of security and service that their customers expect in today’s application economy.”

To learn more about GDPR concerns within larger enterprises, download the full report here.