Over half of firms still not GDPR compliant
Over half of financial and accounting firms have not taken any precautions to become GDPR compliant, despite the regulation coming into force 18 months ago, according to a survey from document management firm Invu.
Despite 81% of employees saying GDPR had made their business more aware of the risks of security and the need for stricter privacy regulations, 57% of firms have chosen not to introduce any new procedures or policies to increase security.
8% also claimed their business had carried on as if GDPR hadn’t come into force and paid no attention to any new privacy or security policies they might need to implement.
Small businesses in particular appear to be running a risk with GDPR compliance with just 29% having introduced new policies for data handling – despite 60% admitting to being more aware and concerned of the risks.
Ian Smith, general manager and finance director at Invu, said: “The scale of penalties issued by the ICO in recent months should have helped focus the attention of UK business leaders on this issue. You only need to consider the record £183.39 million penalty issued to British Airways for data security failures under GDPR.
“This just shows that GDPR fines are a real threat to those businesses not doing enough to protect personal data. I would have expected many more businesses to have taken at least some precautions by now- but this data suggests many have not.”
Breaking news
Direct to your inbox:
More
stories
you'll love:
This week's biggest stories:
This week's biggest stories:
Santander
Santander to acquire TSB in £2.65bn deal
Bank Of England
Bank of England issues first-of-its-kind fine of £11.9m
Lloyds
Lloyds sets aside extra £4bn for high-LTI mortgage lending
Regulation
Lenders urged to prepare for court ruling on commissions as motor finance complaints surge
Financial Conduct Authority
FCA moves ahead with targeted support in 'transformational' advice reforms
GDP
August rate cut likely as GDP falls for second consecutive month
