According to a recent report, many businesses have failed to prepare for GDPR
According to TrustARC survey of July 2018, only 21% have fully completed their GDPR Implementation, which means 4 out of 5 are still struggling with getting it embedded.
A further 55% expect to be ready by the end of 2018, but the remainder are not confident they will have it all in place by the end of 2019.
“Some 6% of companies are running the gauntlet of being fined by NOT DOING ANYTHING ABOUT IT AT ALL!“
So what is the difficulty?
It would appear that most companies that have not yet implemented the General Data Protection Regulation, embodied in the UK Data Protection Act 2018, don’t fully understand what is needed.
Only today, we had a call from a telesales operation that said they have to contact all of the people on their database to conduct a survey by the end of August 2018. Yet Another Myth.
Compliance Efforts Fueled By Customer Expectations More Than Fear Of Fines.
Although much has been made in the press about the potentially large fines that could be levied against companies that are not GDPR compliant, most companies appeared to be motivated more by a desire to meet customer and partner expectations than by fear of fines or lawsuits. Meeting customer expectations also was the top motivator for companies whether they were in a
highly regulated industry or not.
It’s not all bad news. Many companies are “getting around to it” in their own time, but unfortunately the “time” was before 25th May 2018. They are now in the “DANGER ZONE”.
Yes, if you store “sensitive data” you are going to have to conduct more work on the impact of this and the security you have around it, including contracts with third parties.
Yes, you need a policy to state the companies position and measures taken.
Yes you need Privacy Notices for Website, Customers and Employees/sub-contractors and even third party suppliers of goods and services.
The problem with Information Commissioners Office Fines is that, to the smaller business, the amounts can be disproportionate to the turnover/profit of the company, and have a greater impact, even wiping them out.
Lee Werrell, Chartered FCSI MISM, Owner IYC Cubed Limted
The Good News Is …
We can help you.
From providing template documents to conducting an analysis for you and providing the correct documentation, fully tailored to your business.
If you need us to conduct audits and impact assessment of your data, we can do that too.
All our help starts from as little as £250.
Ask for details. Call us on 0207 097 1434 or email GDPRLocal@complianceconsultant.org