‘More Than Half’ of UK Businesses have STILL not addressed GDPR
It has now been over four months since the General Data Protection Regulation (GDPR) came into force on May 25th, unifying the different levels of data protection across the EU and tackling the issue of exporting data outside the EU. With its main focus being to prevent the collection of unnecessary data on individuals (and to protect what data is collected and maintain the subjects’ rights to privacy), much was made at the time on the impact this would have on business, and many man-hours were spent on ensuring that enterprises across the EU were compliant with the new rules.
So what has the impact been, in real terms? At the time there were many horror stories and concerns being raised about the unintended harmful effects that GDPR could have on small businesses. The fear was that as they have smaller IT resources, small businesses would find it harder to ensure they were compliant in time, and that they would therefore be disproportionately likely to face fines, and also disproportionately affected by the amounts of money involved.
Well, the good news is that so far there haven’t been any massive issues. The bigger social media players like Facebook and Google saw the inevitable complaints being sent to the EU Commission, but other than that things appear to be moving smoothly.
Although whether this will remain the case is hard to tell. In the run-up to the GDPR’s coming into force, IT security firm ESET surveyed over 27,000 companies, and found that more than half of them hadn’t performed an internal audit to see whether they were compliant.
Fortunately, and presumably anticipating this very state of affairs, Data Protection Regulators have shown leniency so far in order to give people time to catch up, but it seems likely that this state of affairs will be subject to change as time goes on. So the lesson is that while it’s still not too late to ensure that you are compliant with the new regulation, it may very well be soon.
BREXIT of cause makes no difference to compliance. GDPR came into effect before the UK leaves the European Union, which means that UK businesses needed to prove their GDPR compliance before, on and after the 25th of May. In addition, the GDPR rules apply to ANY business that handles personally identifiable information of EU Citizens, regardless of where they are located.
If your company are one of the many thousands who have yet to address GDPR contact Ghost IT today by calling 01708 390 370 and speak directly to a Data security expert about your requirements in further detail. Alternatively, fill in our online contact form and visit our website here.