There is relatively little time remaining until the European Union General Data Protection Regulation (GDPR) is introduced on 25 May 2018. However, if recent surveys are to be believed, many data protection specialists, and the companies they work for, are not ready for the new rules.
The outcomes of a survey carried out by cloud technology provider Calligo show that 69% of the 500 IT decision makers surveyed do not believe that their organisation is prepared for the changes. This could mean that many firms and small businesses end up having to pay major fines, which can be as high as 4% of annual revenue or £20 million, whichever is higher. Worryingly, only 9% of those surveyed felt that they were fully supported by compliance departments in getting ready for the new GDPR legislation.
Only 43% of groups that took part in the survey had appointed a data protection officer (DPO). This is a vital stipulation of the GDPR for any company with more than 250 members of staff, and can result in massive fines if it is not adhered to.
Small company owners may feel that GDPR does not apply to them, but this is not the case. Even if you have fewer than 250 workers at your company, you still must comply if your processing impacts the rights and freedoms of people.
It should also be noted that the GDPR does not just apply to companies and groups that are located in Europe. If an organisation has staff based in Europe, or deals with data for people who reside in Europe, it must adhere to GDPR.
This compliance is obligatory if organisations wish to avoid administrative fines. According to the outcomes of surveys carried out by Calligo, many groups have much to do in order to achieve this.