The GDPR is a new EU regulation, setting new standards across the board for data protection and security. It is an extremely complex regulation and a lot of organisations are still waiting for the dust to settle. A lot of attention has brought to the penalties and fines of non compliance and data breaches. Because there is such an onus on businesses to be more transparent with consumers about how they process their personally identifiable information (PII), large fines have been implemented as a strict deterrent for any mistreatment of data.
The DMA conducted a survey in the summer of 2016 to gauge the industry’s readiness for the new General Data Protection Regulation, or GDPR for short. They recently conducted a follow up GDPR survey to study how well the UK is preparing for this monumental change in data protection law.
What did the survey show?
26% of marketers say they are unprepared for GDPR
The headline statistic from the report is that a quarter (26%) of marketers say they are unprepared for the new General Data Protection Regulation. When asked how prepared they were for GDPR at his moment, 14% said they were extremely unprepared. A further 12% said they and neither prepared nor unprepared.
This statistic is particularly alarming as the GDPR requires more transparent data processing. This could mean a fundamental restructuring of how a business collects and uses personal data. This could be a project that requires significant amount of time to complete – and we are now just over a year away from the 25th May 2018 deadline.
The General Data Protection Regulation will apply to all UK businesses despite Brexit because it will come into force before the UK has left the EU. Not only that, but even in a post-Brexit world, the scope of the GDPR applies to anyone who processes EU citizen’s personal data – whether they are in the EU or not. The definition of personal data has been expanded to include work email address that contain staff names and even I.P addresses.
According to a report in the House of Commons Library, there were 5.5 million businesses registered in the UK in 2016. That means 1.3 million businesses in the UK still unprepared!
Almost 1 in 5 B2B Marketers had ‘no plan’ for GDPR Compliance
This is quite an alarming statistic upon first look, almost 1 in 5 businesses have no plan for GDPR compliance. An optimistic view would consider the likelihood of a businesses already operating in compliance with GDPR, however this seem unlikely given it presents a massive change in data protection procedures.
The B2B sector still awaits a definitive answer on how the GDPR will affect them, is a consent only approach better than a legitimate interest approach? For more information on this critical decision all businesses must make, you can read our new GDPR report to find out the latest information regarding consent, opt-in/outs, B2B/B2C and more…
If a businesses decides to go down a consent only route, they need to start confirming their opt-in contacts right away! A massive 48% of respondents said they had only a very basic or no knowledge of GDPR at all. The penalties for non-compliance are high, 2% of global annual turnover for non-compliance, increasing to €20m or 4% of global annual turnover for data breaches.
Intermedia Global GDPR Review
To shed some light on the EU regulation, we produced a report covering the key points in depth. Topics include: Breaches, opt-in/out, consent vs legitimate interest and more…