On 25 May 2018, the EU’s data privacy and security law was implemented across Europe. It included hundreds of pages worth of new requirements affecting organisations around the world. One year on, however, many businesses are still neglecting GDPR.
The General Data Protection Regulation is the toughest data privacy and security law in the world. Though it was drafted and passed by the European Union, it imposes obligations on organisations anywhere, so long as they target or collect data related to people in the EU.
Despite the publicity around GDPR last year, there is still a lack awareness among business owners when it comes to the consequences of failing to meet the new requirements. According to a Hiscox survey among SMEs, over a third (39%) do not know whom GDPR affects. In addition, a further 10% of SMEs don’t think that consumers have any new rights following the introduction of GDPR.
Our survey also revealed that the overwhelming majority of small business owners are not aware of the potential fines for breaching GDPR which, based on two tiers, range from £7.9m or 2% of the company’s global turnover to £17m or 4% of annual global turnover.
Benefits of GDPR
There are so many benefits to being GDPR competent, including:
Improve your cyber resilience
Improve your data management
Boost audience loyalty and trust
Create a new business culture
One key part of GDPR is being cyber compliant. Cyber Essentials certification is required when handling sensitive or personal data. Having Cyber Essentials in place will not only protect your business but will demonstrate to your clients (especially those in the public sector) that your business is dedicated to staying cyber secure and has the latest recommendations in place to counter newer threats.