Skip to main content

More than half of UK businesses still aren't GDPR compliant

(Image credit: Image Credit: StartupStockPhotos / Pixabay)

It has been more than a year since GDPR (opens in new tab) came into force, but the majority of businesses in the UK are still not in line with the data regulation. This was concluded by security firm Egress which, after polling decision-makers in the country, realised that 52 per cent were still not fully compliant.

More than a third (37 per cent) have had an incident reported to the Information Commissioner’s Office (ICO) within a year, and out of that number, almost a fifth (17 per cent) have had to do it multiple times.

It seems as mid-sized companies are either experiencing more attacks, or are more diligent when it comes to reporting, given that more than half (53 per cent) reported a data breach to the ICO in the last 12 months, compared to 36 per cent of small companies and 23 per cent of enterprises.

For a third, GDPR (opens in new tab)is not that big of a priority any more. Among those that do prioritise getting in line with the new regulation, there are two major elements on which organisations focus: auditing what data gets collected and why, and making sure they have a Data Protection Office on board.

Tony Pepper, CEO, Egress, says that many organisations are opting for the “almost compliant is close enough approach”.

“The wait of more than a year between implementation and the first action taken by the ICO under GDPR (opens in new tab)seemed to lead to a perception outside the security industry that the regulation was ‘all bark and no bite’. Although the authority’s announcement that it intends to fine British Airways and Marriott such staggering sums sent shockwaves through the security community, it is concerning only six per cent of organisations have taken action to avoid the full potential of the legislation,” he added.

“These announcements should definitely have acted as a clearer warning that organisations cannot risk compliance complacency.”

Sead Fadilpašić is a freelance tech writer and journalist with more than 17 years experience writing technology-focussed news, blogs, whitepapers, reviews, and ebooks. And his work has featured in online media outlets from all over the world, including Al Jazeera Balkans (where he was a Multimedia Journalist), Crypto News, TechRadar Pro, and IT Pro Portal, where he has written news and features for over five years. Sead's experience also includes writing for inbound marketing, where he creates technology-based content for clients from London to Singapore. Sead is a HubSpot-certified content creator.