A quarter (24pc) of London businesses are not aware of the new General Data Protection Regulation (GDPR) – with only a few months before it becomes law on May 25, a new survey has found.
The poll of more than 500 businesses commissioned by London Chamber of Commerce and Industry (LCCI) also found that, of those business decision-makers who believe that the GDPR will affect them, just 16pc say their business is already prepared for it. Of the same group, one in five (21pc) say their business would like to prepare for the GDPR but needs to find out more about it. One in three (34pc) of the London business community say that the GDPR is not relevant to their business.
Colin Stanbridge, Chief Executive of LCCI said: “Businesses that are already vigilant about their data protection responsibilities, are unlikely to be unduly burdened by the new legislation. However we would urge businesses to take this opportunity to review their processes to see if they need to make any changes to be compliant.”
Comment
Lal Hussain, IT Director of Applications, Insight UK said: “No matter the organisation, if you handle personal or financial data, everyone has an obligation to remain responsible when it comes to protecting their customers, both in terms of quality of service and the security of digital assets. After all, GDPR is not new, it gives existing legislation and gives it real teeth. If recent fines have anything to go by, no-one should want to risk being caught out.
“Consumer trust is increasingly being tested in light of revelations such as the Equifax breach last year; or even this month’s Aadhar Indian public database and OnePlus security breaches. Because breaches are becoming more frequent, this should bring much needed transparency. Our own multi-sector research also revealed something worrying – less than two-fifths of senior business leaders hope to achieve improved security when implementing IT solutions. What’s more, despite half of business leaders pointing to data privacy as one of the top things customers value, it is clear the majority of businesses still aren’t aware of how seriously customers take data protection.
“In the same way you don’t need to see police officers on every corner to be reassured that they are there, you understand the basic social contract which assures you security without it being thrust to the forefront at every occasion. In the same way, brands which can establish a level of trust that their customer’s data is secure, and that any breach will be treated appropriately, will be a cut above the rest.”
Background
The GDPR will replace the UK’s Data Protection Act 1998; and introduce larger fines for breaches and for non-compliance — up to 4 per cent of global annual turnover. For details visit ico.org.uk.
ComRes surveyed 577 London business decision-makers, weighted to be representative of all London businesses by company size and broad industry sector, online in November 2017 for LCCI. Full data tables at www.comresglobal.com.
