Over half of UK businesses are still not fully GDPR compliant

According to the findings of a recent survey, more than half of UK businesses are still not fully compliant with GDPR.

The findings indicate that a significant number of businesses could end up on the wrong end of regulatory action should a major data breach or cyber-attack take place.

The survey commissioned by Egress Software Technologies was designed to assess the GDPR compliance of small, medium, and large businesses in the UK a year after the data security legislation was introduced.

Just under half of the respondents (48 per cent) said they were fully compliant with the GDPR legislation, with 42 per cent claiming to be ‘mostly compliant’ and the remainder at various stages of compliance.

These statistics come despite massive fines imposed on large organisations such as British Airways and Marriott following data breaches during the past twelve months.

It was also revealed that less than two thirds (62 per cent) rated GDPR as a priority in their organisations, with 35 per cent of decision-makers saying that the majority of their work to comply with GDPR was carried out before the implementation of the rules.

David Scott, Senior Associate Solicitor at Hethertons, said: “Businesses are continuing to put themselves at risk of regulatory action by the ICO for not being fully compliant with the GDPR.  As more and more people become aware of their rights regarding data, the prospect of the ICO receiving a complaint increases.”

If you require help or guidance with data protection, contact Hethertons employment team today on 01904 528200.