Half of UK’s small firms not ready for GDPR

Wednesday, 28 February, 2018

According to the latest government survey more than half of small companies are still not ready for GDPR – the imminent arrival of the European Union’s General Data Protection Regulations.

What’s more, only 38% of small businesses had actually heard of the GDPR.

The survey found that awareness of GDPR improves among bigger firms with 66% of medium-sized and 80% of the UK’s biggest businesses claiming they were aware of the regulations.

This was also true for those companies who had actually made changes in anticipation of the upcoming regulations.

No opting out of GDPR

The new regulations will come into force on 25 May 2018 and will replace the UK’s current Data Protection Act 1998.

Compliance with the GDPR is not optional and it is not simply a question of ticking boxes.

The regulations demand that companies are able to demonstrate compliance with rigorous data protection principles.

This includes taking a risk-based approach to data protection and ensuring that the appropriate policies and procedures are in place. It also means dealing with transparency, accountability and that individuals’ rights are maintained.

All in all, companies, public bodies and charities must demonstrate they are building a workplace culture of data privacy and security.

And any UK organisation handling personal data, and that’s pretty much all of them, will need to comply with the GDPR regardless of Brexit.

Companies that fall foul of the regulations will face stiff fines upwards of £17 million or the equivalent of 4% of their global turnover.

Businesses, public bodies and charities need to take steps now to ensure they are ready.

Organisations that thrive under the new rules will be those that commit to the spirit of data protection and embed it in their policies, processes and people.

- Elizabeth Denham, Commissioner, Information Commissioner’s Office

Among larger firms some 55% had taken proactive actions. The most common of these were to create or change policies on cybersecurity, increased staff training and deploying new systems, including updating anti-virus software.

The survey is just one of a number of studies detailing the UK’s preparations or lack of them for the introduction of the GDPR.

Another government-backed survey found that the finance and insurance sectors had the highest awareness of the GDPR while the construction industry had the lowest with only one-in-four firms aware of the imminent regulations.

Meanwhile, Facebook Chief Operations Officer, Sheryl Sandberg, speaking at an event in Brussels this week said that the company would launch “educational tools” that, she said would help comply.

And in a bid to conform with the new transparency regulations, she announced that Facebook would establish a “privacy centre” for all users, which puts “core privacy settings” in one place.

TG Bamford author picture


A veteran freelance journalist writing extensively on internet news and cybersecurity.

News What's the story?

Keep up with the latest developments in UK broadband.

KCOM buyout means more fibre for Yorkshire

Hull's homegrown ISP sells for more than half a billion.

KCOM buyout means more fibre for Yorkshire Read more

Virgin gigabit trials begin in Southampton

Nationwide gigabit takes a big step forwards with Virgin's new network upgrade.

Read more

Tesco customers get triple value with NOW TV

Get the most out of your Clubcard points with streaming discounts.

Read more

CityFibre bring full-fibre to 70,000 homes

Only 4.9 million to go...

Read more

Help Learn with us

Make the most of the internet with our broadband library.

Signs your computer may have a virus

Signs your computer may have a virus Read more

What are the risks of using public WiFi?

Read more

How to optimise WiFi connections in old buildings

Read more

How to choose a broadband provider you’ll be happy with

Read more
Back To Top