As the 25 May 2018 deadline for EU General Data Protection Regulation (GDPR) compliance draws near, it is becoming clear that the vast majority of UK businesses will not be ready.
A recent research report, carried out by Ipsos MORI on behalf of the UK government, identified that only 38% of businesses and 44% of charities are currently aware of the GDPR.
Of those aware of the Regulation, just over 25% of businesses and charities have made a start on their GDPR compliance project.
Matt Hancock, secretary of state for culture, media and sport, said: “We are strengthening the UK’s data protection laws to make them fit for the digital age by giving people more control over their own data. And as these figures show many organisations still need to act to make sure the personal data they hold is secure.”
Preparing for the GDPR – a compliance checklist
The GDPR demands greater accountability and transparency from organisations in how they collect, process and store personal information.
The ability to prove compliance is critical. Organisations that act quickly to ensure compliance will be those that thrive in the evolving regulatory environment.
Time is running out and your organisation must prioritise the steps you need to take to achieve GDPR compliance.
If you are just beginning your GDPR compliance project, it’s unlikely that you’ll be fully compliant by the deadline, but steps can be taken to prove that you are making an effort to comply.
Look at our recent blog, GDPR priorities in the lead up to May, to see how you can plan and prioritise the steps you need to take to begin your GDPR project.
Clear and comprehensive guidance to kick-start your GDPR compliance project
March’s book of the month, EU General Data Protection Regulation (GDPR) – An Implementation and Compliance Guide, is a perfect companion for those managing a GDPR compliance project, providing clear and comprehensive guidance and practical advice on implementing a compliance framework.
This bestselling guide provides a detailed commentary on the GDPR, explains the changes you need to make to your data protection and information security regimes, and tells you exactly what you need to do to avoid severe financial penalties.