UK's SMEs clueless about GDPR

The EU GDPR (General Data Protection Regulation) is the biggest change the European Union has made to data protection laws in the past 30 years, and is, arguably, currently the law with biggest global implications.

One would think, by now, businesses all over the globe would know it by heart. Well, that's not really the case. At least, not when it comes to SMEs (small and medium-sized enterprises) in the UK.

As a matter of fact, according to Close Brothers’ quarterly survey of UK SME owners and senior management in a variety of verticals, just 4 per cent of SMEs said they understand the legislation and are in the clear about the effects GDPR will have on their business.

The rest? Oh, my.

More than four fifths (82 per cent) have never heard of GDPR, and have no understanding of what it does. Another 14 per cent know a bit, but would still need extra advice.

“GDPR is one of the most significant and anticipated pieces of legislation conceived in the EU in recent years,” explained Ian McVicar, Managing Director, Close Brothers Technology Services. “It is intended to strengthen and unify data protection for individuals within the EU.“

“What these results demonstrate is that there is a clear lack of understanding at all levels and across all sectors. One of the headline figures that has been focused on is the penalty for non-compliance, which is up to 4 per cent of annual revenue or €20 million, whichever is the higher.“

The GDPR was adopted on April 27 2016, and enters into force May 25, 2018.

Image source: Shutterstock/Den Rise