Skip to main content

Almost half of IT professionals admit they don’t understand data compliance legislation

This article was originally published on Technology.Info.
As part of our continuing strategy for growth, ITProPortal has joined forces with Technology.Info to help us bring you the very best coverage we possibly can.

Companies today are faced with more jargon and acronyms than ever before. Whether it’s reporting to the FCA to meet PCI DSS standards or complying with CDE standards or even considering your ROCs or observing the EAA, today’s legislation is riddled with confusing jargon. But organisations need to comply, or else risk unhappy customers, bad press and even legal action.

Results from

Six Degrees Group

’s latest survey are further proof of the confusion that this legislation is causing.

The survey unearthed that almost half (43 per cent) of IT professionals don’t currently understand the compliance legislation when it comes to managing data. In fact, with so much at stake, over half (52 per cent) of the IT industry specialists surveyed indicated that they would rather use a managed service provider to help them cope with their data compliance rather than manage it internally.

Campbell Williams, group strategy and marketing director, Six Degrees Group, said: “Organisations need to manage vital financial information, customer details and intellectual property correctly in order to comply with the latest regulations. It is troubling that the majority of IT professionals surveyed have an insufficient understanding of how to make sure they are compliant.

There’s clearly been a breakdown in communications between the compliance and IT departments, but considering the number of rules out there, perhaps it’s not surprising. Something needs to be done to help UK industries to make sense of this maze of legislation.”

The survey also highlighted that 86 per cent of those questioned think that data sovereignty (where their data is stored) is a concern. However, 35 per cent of those who use a managed service provider admitted to not knowing where their data is housed.

Williams continued: “Data sovereignty is a key component when it comes to compliance. For some organisations, it’s essential that data is stored within the UK or EU or as prescribed either by law or by internal governance policies.

However it’s not only compliance at stake, but also security. When a third of IT professionals using a managed services provider don’t know where their data is stored, how can they be sure that the data is safe? With businesses relying on cloud providers that might be operating anywhere in the world, it’s time to start asking these questions and make compliance and sovereignty a business priority.”