Brian Pennington

brianfpennington

, , , , ,
1 comment on UK Businesses unprepared for changes to the Data Protection Act

UK Businesses unprepared for changes to the Data Protection Act

Crown Records Management survey of IT decision makers reveals companies are woefully unprepared for EU General Data Protection Regulation.

European politicians met on the 24th June 2015 in a bid to ratify huge changes in data protection regulation, but a survey has revealed UK businesses are woefully unprepared.

The EU General Data Protection Regulation aims to unify data protection across Europe with a single law and will be fine-tuned in Brussels at a ‘trilogue’ meeting of the EU Commission, European Parliament and the Council of the EU.

Once passed, it will bring with it huge fines (up to 100m Euros or 2% of global turnover) for companies that breach the regulation – as well as a raft of new rules about collecting, editing and processing the personal data of European citizens. Many companies will also be compelled to employ at Data Protection Officer for the first time.

Experts predict it will affect every single company that operates from within the EU, does business with companies inside the EU, stores its data in EU member countries or handles the personal data of European citizens.

A Crown Records Management Censuswide survey of IT decision makers at UK companies with more than 200 employees revealed businesses here are painfully unprepared – and one in five hasn’t even heard of the Regulation.

Results include:

  • 19.6% are totally unware of the changes
  • 29.4% of decision makers aged 55+ know nothing about the challenges ahead
  • 25.3% will wait for the final details of the Regulation before taking any action at all
  • 52% who know about the Regulation still aren’t currently reviewing policies
  • 42.5% of decision makers in companies with a turnover of more than £500m are ‘not really concerned’ or ‘not concerned at all’ about the impact of the new structure.
  • 63% have not yet appointed a Data Protection Officer, which will soon become compulsory for many companies
  • 59% have no plans in place to train staff despite the changes looming

Reproduced from Crown Records Management.

Read my 2012 review of the Proposed European Data Protection Act here 

Who breached the Data Protection Act in 2014 (UK)? Find the complete list here.

Who breached the Data Protection Act in 2013(UK)? Find the complete list here.

Who breached the Data Protection Act in 2012(UK)? Find the complete list here.

Posted by:

brianfpennington

Experienced IT professional currently helping businesses achieve a range of GRC standards.

One response to “UK Businesses unprepared for changes to the Data Protection Act”

  1. Andrew Fawcet

    Andrew Fawcet

    UK Businesses unprepared for changes to the Data Protection Act | Brian Pennington

    Like

    Reply

Leave a comment