Are 1 in 4 UK Businesses Unprepared for GDPR?

The GDPR (General Data Protection Regulation) will come into force in May 2018. However, recent research has indicated that nearly a quarter of UK businesses are completely unprepared for it.

The survey was conducted of senior IT decision makers at major UK companies by information management company Crown Records. In the survey, they found that as many as 44% of senior IT specialists believed the GDPR wouldn’t apply to them once the UK had left the European Union. A further 24% had already cancelled all preparations to comply with the regulation.

The GDPR is a far reaching EU regulation designed to unify and strengthen data protection laws across the European Union. Data protection regulations are designed to protect the personal information of individuals online. Through an extensive legal framework, the GDPR holds any business accountable for protecting personal information. By ensuring data isn’t kept indefinitely, it also enshrines the principle of ‘the right to be forgotten’, which is a key aspect for individuals maintaining their reputation online.

The GDPR will go into force by May 2018. Failure by any business, large or small, to follow these regulations will result in hefty fines and sanctions. Sanctions for noncompliance with the regulations include fines up to 4% of global turnover, which could be as high as 20 million euros.

The alarming level of confusion surrounding the GDPR seems to be largely caused by the UK’s currently confusing relationship with the European Union. The UK’s decision to leave the European Union has left many people under the impression that EU laws will no longer apply to them.

In the case of the GDPR, EU laws are definitely being retained. For starters, the GDPR is coming into force in 2018, before the UK will have fully withdrawn from the EU. The UK government has also expressed its intention to retain many EU regulations, including the GDPR. Furthermore, the UK’s Minister of State for Digital and Culture, Matthew Hancock, has confirmed that the UK is intending to continue with the GDPR even after it has left the EU. So, those 24% of businesses that have dropped their plans to comply with the General Data Protection Regulations will be running a serious risk of hefty fines.

With so many business leaders confused about the GDPR, it will be essential for the UK government to clearly clarify the legal situation. Otherwise, many businesses could face major sanctions.