Forty per cent of London's small businesses have no idea what GDPR stands for, what it does and how it affects them, according to a new report by Aldermore.
The challenger bank says a total of 420,000 bosses in the capital’s small and medium-sized businesses don’t know they’ll have to report on data breaches, or give their customers the right to be forgotten.
Worryingly, this also means that the companies also have no idea about the fines they might be facing in case they don’t comply.
To make a grim situation even worse, almost 66 per cent of them said they had in fact suffered a data breach in the past.
“The GDPR is the biggest shake-up in data protection to date and the results are worrying when looking at the amount of businesses that are unaware of the impact it will have on them," said Aldermore's business finance group managing director Carl D'Ammassa.
"Data privacy, the appropriate use of customer information and breach notifications all need to be taken incredibly seriously. This is made especially apparent when one considers the increased sanctions businesses face if they don’t keep to the new regulations, including regular data protection audits, and fines of up to £20m or four per cent of their annual turnover for the most serious violations."
Out of 1,000 bosses surveyed, more than half fear cyber-attacks, and four in ten worry about the financial effects of such an attack. At the same time, only a third said cyber-defence is their top priority.
A quarter said they knew the importance of cyber-defence, but they just couldn’t find the time to handle it.
Image source: Shutterstock/Wright Studio