The majority of the UK’s small and medium-sized businesses have either not heard of, or are uncertain about, the impact of the EU’s new data protection legislation, research finds.
General Data Protection Regulation (GDPR) was adopted in April 2016 and takes effect within two years.
The study, which forms part of Close Brothers’ quarterly survey of UK SME owners and senior management from a range of sectors, finds that 82 per cent of companies have either not heard of GDPR or don’t understand its impact; a further 14 per cent will need to take further advice.
Only 4 per cent of SMEs say they understand the legislation and are clear about the effect GDPR will have on their business.
Ian McVicar, managing director of Close Brothers Technology Services says, that GDPR is one of the most significant and anticipated pieces of legislation conceived in the EU in recent years, and is intended to strengthen and unify data protection for individuals within the EU.
‘What these results demonstrate is that there is a clear lack of understanding at all levels and across all sectors,’ he adds. ‘One of the headline figures that has been focused on is the penalty for non-compliance, which is up to 4 per cent of annual revenue or €20 million, whichever is the higher.
‘We would like businesses to think positively about GDPR and understand how it can benefit both them and their customers.’
Close Brothers Technology Services is currently working with International Data Corporation, which provides intelligence and advisory services, to help demystify the regulation.
Sean Callanan, of the organisation, says, ‘Our focus will be on the areas where technology can help businesses prepare for GDPR, because much of the regulation is actually about process; however, some elements can only be enabled or managed through technology.
‘We’ll work in partnership with businesses and guide them towards what technology they really need to invest in to be prepared and compliant.’
Further reading on small business technology