General Data Protection Regulation is not exactly floating the boat of small- and medium-sized firms
The majority of the UK’s small- and medium-sized businesses have either not heard of, or are uncertain about, the impact of the EU’s new data protection legislation.
The General Data Protection Regulation (GDPR) was adopted in April 2016 and takes legal effect within two years.
Only 4 percent of SMEs say they understand the legislation and are clear about the effect GDPR will have on their business. The survey questioned 850 SMEs across the UK.
“GDPR is one of the most significant and anticipated pieces of legislation conceived in the EU in recent years,” said Ian McVicar, managing director, Close Brothers Technology Services. “It is intended to strengthen and unify data protection for individuals within the EU.
“What these results demonstrate is that there is a clear lack of understanding at all levels and across all sectors.”
For non-compliance, firms’ face financial penalties of up to 4 percent of annual revenue or €20 million, whichever is the higher.
“We would like businesses to think positively about GDPR and understand how it can benefit both them and their customers.”
How you should address the demands of GDPR: