Third of SMEs are worried about GDPR
Posted on in Business News , Cycles News , Creative News, Outdoor News
Recent research commissioned by Q2Q IT has revealed that a third of respondents are worried about the impending General Data Protection Regulation (GDPR).
The General Data Protection Regulation (GDPR) comes into effect on 25th May 2018 replacing the existing Data Protection Act 1998 and governing how organisations can obtain, process and retain personal information.
Directed at SME owners, the findings from the research revealed the biggest challenges SMEs think they will face and how they are preparing for the changes.
The biggest challenges identified by respondents were overhauling the way in which their organisations manage and process personal data, and keeping stored information up-to-date and accurate.
With stricter rules surrounding consent and data protection, the GDPR will grant individual data subjects the right to request access to any information a company holds about them, appeal for it to be amended, or demand that it is erased entirely. Organisations must therefore be ready to deal with such requests.
Non-compliance could result in financial penalties of up to €20,000,000, or 4% of global turnover (whichever is greater) being issued by the Information Commissioner's Office (ICO). But despite the severe implications of non-compliance, 23% of survey participants expressed indifference towards the new legislation, with less than half acknowledging it as a key priority for their business in 2018.
Commenting on the findings, Q2Q IT's managing director Andrew Stellakis said: "The message is clear throughout all UK sectors - the GDPR needs to be a priority for businesses of all sizes, operating within all industries. Yet despite heightened media attention on the impending legislative changes, these results show that SMEs are still failing to prepare."
Whilst almost a fifth of poll participants admitted they hadn't started thinking about their compliance preparations yet, 60% claimed that they are well on their way. A further 20% indicated that they were "hopeful" about the GDPR.
Andrew continued: "There's admittedly been a lot of scaremongering about the regulation - particularly when it comes to the eye-watering fines - which can easily lead to people switching off. And although ensuring operational processes are in shape and compliant is undeniably a laborious task, through our GDPR consultation services we're trying to get businesses to see the benefits of the new legislation too.
"The requirement to keep all information up-to-date and accurate alone will help make customer databases more efficient. Plus, the need for more targeted marketing comms - sent to people who have confirmed they actually require the information - is undoubtedly an opportunity for higher customer engagement. Yes, there are drawbacks when it comes to time and resources, but compliance will ultimately be a help rather than a headache for SMEs."
Click here for more guidance on GDPR and how you can start to prepare for it.
In the UK, the Information Commissioner's Office (ICO) is the independent authority set up to "uphold information rights in the public interest" and ensure that organisations handle and protect data properly.
The ICO has produced a checklist tailored specifically for small businesses. It can be downloaded here,
and walks you through the process, step by step. From deciding if you
really need the information you're collecting, to ensuring customers are
aware they're being recorded by CCTV, the checklist helps you assess
how your business is currently collecting and protecting data and where
improvements need to be made.