View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
July 25, 2017updated 07 Jul 2022 7:29am

Disastrous fines loom as only 9% of UK businesses appear ‘GDPR-ready’

Failing organisations at risk of stacking up fines if they fail to comply to the forthcoming GDPR regulations despite claiming readiness.

By Hannah Williams

Many organisations consider themselves ‘GDPR-ready,’ but this is not actually the case for all, according to research.

Over 900 organisations were surveyed globally, and from these, Veritas found that only 9% of UK businesses which claim to be ‘GDPR-ready’ are actually compliant.

Fully compliant organisations are expected to have strategies such as security and business transformation in place, all of which will be structured to meet compliance regulations.

However, a new study from Veritas Technologies found that 48 percent of organisations claim they are compliant yet they are unable to provide full visibility over personal data loss incidents. Meaning that they aren’t actually compliant.

A key requirement under the GDPR law states that organisations must be able to report the loss or theft of personal data, such as medical records, passwords and so on within 72 hours. Although, the study cited 61 percent of organisations who admitted it was difficult for them to do so.

Read more:Ignorance isn’t bliss: GDPR fines loom as staff ignore IT data policies

Organisations appear to be failing to understand the importance of keeping to the requirements and in essence, following the rules. With less than a year till GDPR laws come into force, businesses are at risk of being hit by breach fines if they fail to report basic information like loss of personal data.

In 2016, the rate of UK data breach fines doubled to a huge £3.2m, with an increase of 155 percent in the number of data protection enforcement actions issued. This will only keep increasing if businesses remain ignorant towards the importance of complying with the fast-approaching regulations.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

Jason Tooley, VP of Northern Europe, Veritas said: “With the EU’s General Data Protection (GDPR) less than one year away, organisation around the world are deeply concerned about the impact that information non-compliance can have on their brand and loyalty of their customers.”

Protecting personal data is crucial in any organisation and more importantly when the GDPR comes in full force. Ahead of this, organisations are advised to revisit their compliance strategies, whether they believe they are already compliant or not.

The GDPR will take effect on 25th May 2018, and is set to apply to all organisations that offer goods or services to EU residents, both in and out of the EU.

Topics in this article : , , ,
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.