London, GB 20 °C

Tuesday, April 23, 2019


Only 25% of SMEs prepared for GDPR deadline

Tom Belger | 14:00 Tuesday 12th December 2017

Only one in four SMEs (254%) have prepared for the General Data Protection Regulation (GDPR) deadline, according to a survey by invoice finance provider Close Brothers .

Just one in three SMEs (33.3%) are aware of GDPR's implications, even though they are covered by the majority of its provisions.

The GDPR – a European Union directive which comes into force in the UK on 25th May 2018 – includes provisions for the EU to levy huge penalties on businesses found guilty of a compliance failure.

In the most serious cases, firms could be fined up to €20m or 4% of their annual global turnover.

However, almost three-quarters of SMEs (73%) reported that they didn't share customer data with third parties.

David Thomson of Close Brothers said: “The GDPR regime includes requirements for new processes such as the employment of data controllers, privacy impact assessments and greater choice for customers, including the right to be forgotten – businesses will also be required to disclose all data breaches to regulators.

“Some of the rules sound deceptively simple, but many firms will struggle to cope because they don't even have a clear idea of what data they currently hold on customers, or where and how it is stored.

“All organisations must take the GDPR seriously and SMEs are no exception.

“Making an investment now in order to prepare and protect your business is essential if you do not want to risk incurring significant financial penalties – or the major reputational damage that a public breach of the new regulation would undoubtedly cause.”

leave a comment

Your email address will not be published.