UK Businesses Unprepared for GDPR: Shred-it Survey

Editorial & Advertiser disclosure

Global Banking & Finance Review® is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.

Eighty-four per cent of UK small business owners and 43% of senior executives of large companies are unaware of the forthcoming General Data Protection Regulation, according to Shred-it’s seventh annual Security Tracker research, conducted by Ipsos.

The General Data Protection Regulation (GDPR) is an important new piece of legislation, which will replace existing European data protection laws from May 2018. Its purpose is to bring greater strength and consistency to the data protection given to individuals within the European Union (EU).

The Security Tracker survey also found that only 14% of small business owners and 31% of senior executives were able to correctly identify the fine associated with the new regulation – up to €20 million or 4% of global turnover. This is despite a large proportion of senior executives (95%) and small business owners (87%) claiming to have at least some understanding of their industry’s legal requirements.

Businesses which are unaware of the forthcoming legislation and its implications are not only putting themselves at risk of severe financial penalties, but also the reputational damage caused by adverse publicity associated with falling foul of the law. This can often have a greater impact than the fine itself. Research shows that 64% of executives agree that their organisation’s privacy and data protection practices contribute to reputation and brand image^[1].

Of those respondents who claim to be aware of the legislation change, only 40% of senior executives have already begun to take action in preparation for the GDPR, in spite of 60% agreeing that the change in legislation would put pressure on their organisation to change its policies related to information security.

The survey also highlights that companies feel the UK Government needs to take more action. Forty-one per cent of small business owners (an 8% increase from 2016) believe that the Government’s commitment to information security needs improvement.

Robert Guice, Senior Vice President Shred-it EMEAA, said: “As we approach May 2018, it’s crucial that organisations of all sizes begin to take a proactive approach in preparing for the incoming GDPR.

“From implementing stricter internal data protection procedures such as staff training, internal processing audits and reviews of HR policies, to ensuring greater transparency around the use of personal information, businesses must be aware of how the legislation will affect their company to ensure they are fully compliant.”

“Governmental bodies such as the Information Commissioner’s Office (ICO), must take a leading role in supporting businesses to get GDPR ready, by helping them to understand the preparation needed and the urgency in acting now.”

“The closer Government, information security experts and UK businesses work together, the better equipped organisations will find themselves come May 2018.”

info

Eighty-four per cent of UK small business owners and 43% of senior executives of large companies are unaware of the forthcoming General Data Protection Regulation, according to Shred-it’s seventh annual Security Tracker research, conducted by Ipsos.

The General Data Protection Regulation (GDPR) is an important new piece of legislation, which will replace existing European data protection laws from May 2018. Its purpose is to bring greater strength and consistency to the data protection given to individuals within the European Union (EU).

The Security Tracker survey also found that only 14% of small business owners and 31% of senior executives were able to correctly identify the fine associated with the new regulation – up to €20 million or 4% of global turnover. This is despite a large proportion of senior executives (95%) and small business owners (87%) claiming to have at least some understanding of their industry’s legal requirements.

Businesses which are unaware of the forthcoming legislation and its implications are not only putting themselves at risk of severe financial penalties, but also the reputational damage caused by adverse publicity associated with falling foul of the law. This can often have a greater impact than the fine itself. Research shows that 64% of executives agree that their organisation’s privacy and data protection practices contribute to reputation and brand image^[1].

Of those respondents who claim to be aware of the legislation change, only 40% of senior executives have already begun to take action in preparation for the GDPR, in spite of 60% agreeing that the change in legislation would put pressure on their organisation to change its policies related to information security.

The survey also highlights that companies feel the UK Government needs to take more action. Forty-one per cent of small business owners (an 8% increase from 2016) believe that the Government’s commitment to information security needs improvement.

Robert Guice, Senior Vice President Shred-it EMEAA, said: “As we approach May 2018, it’s crucial that organisations of all sizes begin to take a proactive approach in preparing for the incoming GDPR.

“From implementing stricter internal data protection procedures such as staff training, internal processing audits and reviews of HR policies, to ensuring greater transparency around the use of personal information, businesses must be aware of how the legislation will affect their company to ensure they are fully compliant.”

“Governmental bodies such as the Information Commissioner’s Office (ICO), must take a leading role in supporting businesses to get GDPR ready, by helping them to understand the preparation needed and the urgency in acting now.”

“The closer Government, information security experts and UK businesses work together, the better equipped organisations will find themselves come May 2018.”

info