Home » Topics » Governance, Risk and Compliance » Are you leaving GDPR compliance too late?

Are you leaving GDPR compliance too late?

Avatar photoby Andrew Ross

Despite the deadline for GDPR compliance arriving on the 25th of May, Information Age reported, only last week, that 61% of UK businesses are far from prepared and would apply for an extension if they had the choice.

The absence of GDPR preparedness is not confined to the UK, similar figures are arising all over Europe. While small to medium-sized organisation appear to be the most ill-equipped.

How worried are businesses?

Given that 45% of UK businesses expect to be fined for failure to be GDPR ready, it is safe to assume that the gravity of the situation may have finally set in for many business leaders.

Some argue that the panic may not be fully necessary, indeed, the fear-mongering coming from various consultants and people on the GDPR bandwagon, looking for an organisation to spend more money, are likely to bring gratuitous worry.

>See also: GDPR – Are your tech platforms secured for first contact?

However, according to Michael Abtar, CEO of IG Smart: “There is a predominant concern among business leaders.

“It is around their client and contact lists, in particular, they are concerned about their ability to hold on to it and continue to contact people through it.

“Where in the past a lot of people have collected things in a rather casual way and haven’t given enough thought to transparency and how consent is captured, a lot of data is far from meeting GDPR standards.”

Fear of missing out

Beyond just avoiding fines, however, there appears to be fear of missing out among many businesses leaders. With compliance to GDPR, you get access to a single digital EU economy. This opens up a lot of doorways for doing business in Europe.

Abtar added: “We already have free movement of goods and free movement of people, this is in effect free movement of data.

>See also: How to turn GDPR into an opportunity for your business

“Being compliant with GDPR and having some other accreditations, like ISO 27001 and the Cyber Essentials scheme, or being able to show that you have had external audit reports, will, in turn, give you a competitive advantage.

“Particularly when it comes to bidding for new business in the public sector. Often in this sector, be it local authorities or healthcare organisations, they are mandating compliance with specific standards. We’ve had clients come to us where they’ve been invited to submit proposals to public sector contracts and they’ve been asked specifically if they are compliant with things like Cyber Essentials Plus. Often with public sector contracts, the pre-qualification is weighted around information governance and data protection.

Avatar photo

Andrew Ross

As a reporter with Information Age, Andrew Ross writes articles for technology leaders; helping them manage business critical issues both for today and in the future

Related Topics

GDPR

Related Stories

Governance, Risk and Compliance

Two ways to improve GDPR enforcement

Martin Davies of Drata explains how GDPR is currently enforced and how enforcement could be improved across the European Union

Governance, Risk and Compliance

Four in five IT leaders concerned about data compliance

Cloudera research reveals that 79 per cent of IT leaders see compliance as the main data management concern, despite widespread investment

Cybersecurity

3 cybersecurity compliance challenges and how to address them

Earning those trust seals can strengthen relationships with board members and prospective customers, but it sure isn’t easy.

Governance, Risk and Compliance

What unbundling Microsoft Teams will mean for EU customers

In the midst of an EU antitrust investigation, Microsoft Teams is now set to be offered to businesses separately from its Office suite