According to the findings of a recent survey, more than half of UK businesses are still not fully compliant with GDPR.
The findings indicate that a significant number of businesses could end up on the wrong end of regulatory action should a major data breach or cyber-attack take place.
The survey commissioned by Egress Software Technologies was designed to assess the GDPR compliance of small, medium, and large businesses in the UK a year after the data security legislation was introduced.
Just under half of the respondents (48 per cent) said they were fully compliant with the GDPR legislation, with 42 per cent claiming to be ‘mostly compliant’ and the remainder at various stages of compliance.
These statistics come despite massive fines imposed on large organisations such as British Airways and Marriott following data breaches during the past twelve months.
It was also revealed that less than two thirds (62 per cent) rated GDPR as a priority in their organisations, with 35 per cent of decision-makers saying that the majority of their work to comply with GDPR was carried out before the implementation of the rules.
According to Tony Pepper, CEO at Egress Software Technologies, the initial lack of regulatory action following the enactment of GDPR could have led to a perception outside the security industry that the regulation was ‘all bark and no bite’.
“Although the authority’s announcement that it intends to fine British Airways and Marriott such staggering sums sent shockwaves through the security community, it is concerning only 6% of organisations have taken action to avoid the full potential of the legislation. These announcements should have acted as a clearer warning that organisations cannot risk compliance complacency,” he said.
For specialist help and advice regarding GDPR legislation, contact our expert team today.