Despite the threat of fines of up to 20 million Euros for non-compliance, almost a third of UK business leaders admit they have never even heard of the new EU General Data Protection Regulation (GDPR), a study from leading learning provider Litmos Heroes has found.
With less than eight months to go until the wide-ranging new EU regulations come into force, the research discovered that 28.6 per cent of business decision makers are in the dark about the law changes.
Worryingly, more than 30 per cent said they have done nothing at all towards becoming GDPR-ready – and ten per cent said they don’t plan to, despite the May 2018 deadline looming large.
The research of more than 500 UK business leaders and decision makers, which was carried out to mark the launch of Litmos Heroes’ new GDPR course for global businesses and SMEs, also found that nine out of ten admitted that if the regulation was introduced tomorrow, they wouldn’t be ready.
The GDPR was adopted into law by the EU Parliament in April 2016 and, from May 25, 2018, it will apply to all companies processing and holding the personal data of people who live in the EU, regardless of where the business is located.
It was designed to make sure that data privacy was standardised across Europe, to protect citizens’ data privacy and to reshape the way that businesses right across the region think about and implement data privacy.
The penalties for failing to comply are potentially huge. Organisations that fail to meet the regulation can be fined up to four per cent of their annual global turnover, up to a maximum of 20 million Euros.
Tom Moore, Managing Director of Litmos Heroes, said that now was the time for businesses to act. “I think this study has painted a really interesting – and slightly concerning – picture of how seriously some UK businesses are taking GDPR,” he said. “Make no mistake, the new regulation is coming, and if you handle the data of any EU citizen – Brexit or no Brexit – it will apply to your business.
“Around a quarter of the people included in our survey said they didn’t think GDPR would be strictly enforced, but come May 2018 they still need to be ready, because this is going to be enforced whether we like it or not.
“It’s this stark picture – and the worrying lack of knowledge and general awareness about GDPR – that has encouraged our team to produce a need-to-know video training module to help businesses and leaders get GDPR-ready.”
The findings of the Litmos Heroes survey revealed that 60 per cent of businesses haven’t formed a plan to make sure that all staff who handle data are aware of GDPR.
And it also found that six per cent of businesses don’t currently comply with current data protection laws and ten per cent are fully aware that their own online safeguards are not sufficient to protect customers from cyber-crime.
Regionally, businesses in the South East were found to be the least aware of GDPR, with over 44 per cent admitting to knowing nothing. Almost 40 per cent of businesses in the East of England and Yorkshire also confessed to knowing nothing.
Businesses in London were found to be the most clued up on GDPR with just 16 per cent saying they had never heard of it.
Businesses focused on IT services topped the sector specific list with just 11 per cent saying they hadn’t heard of GDPR. But among travel and tourism firms, almost half (46.2 per cent) said they were in the dark.
GDPR Summit Series is a global series of GDPR events which will help businesses to prepare to meet the requirements of the GDPR ahead of May 2018 and beyond.
Further information and conference details are available at http://www.gdprsummit.london/