The majority of the UK’s small and medium sized businesses (SMEs) have either not heard of – or are uncertain about – the impact of the EU’s new data protection legislation, General Data Protection Regulation (GDPR), which was adopted in April 2016 and takes effect within two years.
The findings, which form part of Close Brothers’ quarterly survey of UK SME owners and senior management from a range of sectors, found that 82% of companies have either not heard of GDPR or don’t understand its impact; a further 14% will need to take further advice.
Only 4% of SMEs say they understand the legislation and are clear about the effect GDPR will have on their business.
“GDPR is one of the most significant and anticipated pieces of legislation conceived in the EU in recent years,” explained Ian McVicar, Managing Director, Close Brothers Technology Services. “It is intended to strengthen and unify data protection for individuals within the EU.
“What these results demonstrate is that there is a clear lack of understanding at all levels and across all sectors. One of the headline figures that has been focused on is the penalty for non-compliance, which is up to 4% of annual revenue or €20 million, whichever is the higher.
“We would like businesses to think positively about GDPR and understand how it can benefit both them and their customers.”
Sean Callanan, Director of Technology Services, said: “We see a key part of our role as helping businesses make informed decisions around issues like how to prepare for GDPR.
“We’re currently working with International Data Corporation, who provide market-leading intelligence and advisory services, to help demystify the regulation. Our focus will be on the areas where technology can help businesses prepare for GDPR, because much of the regulation is actually about process; however, some elements can only be enabled or managed through technology.
“We’ll work in partnership with businesses and guide them towards what technology they really need to invest in to be prepared and compliant.”
