Fewer than one in 10 small businesses have completed their preparations for the European Union’s General Data Protection Regulation (GDPR), new research has shown. The deadline is 25th May this year.
The Federation of Small Businesses data suggests a third of small firms have not even started preparing for GDPR. A further third admit to still being in the early stages of preparations. Just 8 per cent of small businesses are good to go!
GDPR is a comprehensive set of rules governing how personal data is collected, processed and stored. It aims to offer greater protection to consumers and applies to any business that collects, stores or processes any form of personal data.
The EU-led regulation represents the biggest shakeup to data protection in more than 20 years. Despite Brexit, it will apply to all British businesses because the UK will still be a member of the EU when it is implemented in May.
Businesses that don’t comply with the changes will be hit in the wallet for failing to uphold the new data protection standards. Penalties will reach an upper limit of €20 million or 4% of annual global turnover (whichever is higher). On top of that, companies failing to uphold the regulation will face significant PR fallout and reputational damage.
The Information Commissioners Office (ICO) has produced an overview of the GDPR which you can access here.