Despite the fact that there are less than 60 days before the introduction of the new General Data Protection Regulation (GDPR), latest research suggests that a staggering 90 per cent of small businesses are still not ready.
The Federation of Small Businesses has discovered that just eight per cent of SME businesses had completed their preparations.
Of those surveyed, 35 per cent said they were still in the early stages, whilst 33 per cent admitted that they had not even started to plan for the GDPR changes.
Although there has been a great deal of media coverage on the subject in recent weeks, almost 20 per cent of small businesses were completely unaware that new rules will soon dramatically affect the way they store data and are able to communicate with potential and existing customers.
The new GDPR legislation, which is designed to improve the safety and security of all personal data held by organisations across Europe will still be binding in the UK after Brexit.
Any organisation which ignores the new rules could be ordered to pay fines of up to 4 per cent of its turnover.
From 25 May 2018, the new GDPR legislation will mean:
- Businesses need to obtain explicit consent for data to be held – i.e. ‘opt-in’ rather than ‘opt out’
- Records need to be kept up to date, must not contain personal information that is not strictly necessary and must not be stored for longer than is required for the specified purpose
- Data must be more securely processed to protect against cyber-attacks
- Customers now have a ‘right to be forgotten’ – meaning that businesses must remove their data permanently on request
- Any breaches must be reported promptly and without delay
The clock is ticking, so if you would like to share the importance of preparing for GDPR with your clients, we have produced a free guide which is available to download.
Our guide incudes essential facts and must-knows, including:
- What you should be doing right now to prepare for GDPR
- The ICO checklist for consent
- The penalties, in depth
- How to report a data breach
- GDPR DOs and DON’Ts
We have also produced a quiz which will separate fact from fiction and help explain the ramifications of the new regulations.