Half of UK business owners anticipate GDPR non-compliance fine
Almost half of UK business owners are braced for a GDPR non-compliance penalty ahead of the 25 May deadline, new survey findings have found, with private enterprises struggling to agree on internal accountability.
Later this month, the government’s data protection bill will introduce new consumer consent requirements for businesses to adhere to. Essentially, customers must explicitly opt-in to share their personal data with a company.
According to new research into data governance attitudes ahead of GDPR, undertaken by data privacy firm Ensighten, 45 per cent of company owners have set money aside in anticipation of a GDPR fine.
Meanwhile, 61 per cent of survey respondents would apply for an extension to the deadline if they could, highlighting a potentially worrying lack of organisation among UK businesses.
Commenting on the findings, Ian Woolley, Ensighten CEO, said that business owners remained aware, but still uncertain? in the final month of GDPR preparation.?
the good news is that brands still have time to deploy and optimise customer privacy and consent options on their websites, he added.
educating consumers on how their personal data is used and why their permission is needed is essential to building consumer trust and gaining their opt-in consent. GDPR is not just a legal hurdle to jump.
whilst brands are putting money aside for fines, they should not underestimate the damage to their reputation and business from not educating customers now.
One of the reasons firms seem unprepared for GDPR, the study found, could be the lack of consensus over who is responsible for data protection within a business.
Almost a third of respondents said it should lie with the CEO, but one in four wanted to hand GDPR over to the chief data officer. Just 22 per cent believed responsibility should lie with the chief marketing officer.?
GDPR countdown: What businesses need to do right now
Over the last year, our experts have been helping small business owners get their house in order ahead of GDPR. Here are their essential tips.
Undertake an organisation-wide data audit
Ryan Wain, chief marketing officer at Unlimited Group, advised decision makers to undertake a full audit on data held by a business.
distinguish between personal and non-personal data, identify its use, the processes applied to it and the legal considerations. This does not have to mean line-by-line data analysis where they can be, different data sets can be grouped together, Wain explained.
inevitably, you will find data that’s years? old and no longer needed. If you decide this poses a compliance risk, deleting it delivers immediate benefits.
Praseeda Nair is the editorial director of Business Advice, and its sister publication for growing businesses, Real Business. She's an impassioned advocate for women in leadership, and likes to profile business owners, advisors and experts in the field of entrepreneurship and management.
To assist small business owners in preparing for new data protection legislation, the Information Commissioner's Office (ICO) has confirmed that a dedicated GDPR helpline will go live on 1 November 2017. more»
With business owners across Britain preoccupied with GDPR compliance ahead of next month's introduction, its forgotten sibling the so-called cookie law? could dramatically change the way brands communicate with consumers and collect data. more»