According to a new survey, crucial updates to their privacy policies, have not been made by 82% of businesses ahead of GDPR.
As the time continues to run out regarding compliance with the General Data Protection Regulations, the survey conducted by Finance.co.uk has found that a whole lot of different organizations may be at risk of not complying, putting them at a risk of both reputational and brand damage and regulatory action.
With the digital economy massive growth that continues to go on, the biggest shift in data protection for many years is represented by GDPR and all those organizations that process or retain personal information will have to comply.
Greater transparency is what the new law focuses on in terms of just how personal data is collected, processed and retained. Organizations are made much more accountable and enhanced rights are given to those whose personal data is processed and collected.
It is backed up for the most serious breaches by significantly higher fines, up to four per cent of worldwide turnover or £20 million – whichever is greater – and with a requirement that personal data breaches must be notified within 72 hours when to people’s rights and freedoms they are likely to result in any risk.
The research conducted by Finance.co.uk revealed that privacy policies to comply with the law had only been updated by 18 per cent of those that had been surveyed. In addition, to ensure that data security breaches were notified in line with GDPR, only one quarter had put systems in place.
Understanding Key To Success Of Data Flow – And Compliance Of GDPR
A spokesperson for Finance.co.uk, has said that “The survey we conducted highlights a substantial number of organizations across the private and public sectors continue being under-prepared for these data protection law major changes”.
“Among many business leaders there seems to be a genuine confusion regarding the meaning of the new law and just how full compliance can be achieved”.
“Good corporate housekeeping is what GDPR compliance is all about. It will not only avoid any risk of reputation-ally and financially drawing sanctions or fines – it will ultimately assure the trust of the public in your organization and at a time when data security and privacy are even more important than they ever have been”.
“As the data protection regulator of the UK, recently ICO has shown that GDPR is essentially about trust”.
Almost 40 per cent of those organizations that were surveyed, the findings have revealed, have not taken any steps to get prepared for the new general protection regulations. In addition, not confident that they would in fact be ready to comply by 25th May with GDPR, when the law does come into force, are more than a third of those surveyed.
Just over a fifth of those businesses surveyed were not aware of GDPR at all and also had no understanding of just what the related and forthcoming ePrivacy Regulation will mean to their organization!