How are businesses preparing for GDPR?

The EU General Data Protection Regulation (GDPR) is arguably the biggest change in data privacy regulation in 20 years. GDPR applies to all companies that process and hold the personal data of people living in the European Union.

The most serious infringements of non-compliance carry fines of up to 4% of annual global turnover, or €20 million. New Populus research finds varying levels of awareness, and preparation, among businesses across Europe.

The impact of GDPR on businesses

Populus has carried out research on behalf of Senzing, the California-based software technology company which produced a report – Finding The Missing Link in GDPR Compliance – based on the findings.

The companies surveyed, based in Germany, France, Spain, Italy and the UK, say they expect to spend hours of time per month looking for data. The time predicted to take is the equivalent of having one employee dedicated solely to dealing with GDPR enquiries.

The research finds a divide between small to medium sized businesses, and larger organisations, when it comes to planning for GDPR. More than a quarter (27%) of SMEs and half (50%) of micro businesses say they do not need to make any changes to their operations, compared with just 16% of large companies, according to the findings.

Over a third (35%) say they’re aware of the potential fines for non-compliance, while around the same number (30%) say financial penalties will have no impact at all. 15% say they ‘don’t know’ about the financial fines of non-compliance.

Populus and GDPR compliance

Populus has taken a number of steps to ensure GDPR compliance. Last year, we became MRS Fair Data accredited and were awarded the ‘Cyber Essentials’ certificate in a demonstration of our commitment to protecting consumers and their data fairly, ethically and transparently.

We have also updated a number of our policies and procedures, including file sharing, data processing and storage, and client agreements. We will continue to review and update our privacy policy and work towards GDPR compliance.

Methodology:

  1. Populus interviewed 1,015 businesses in the UK, France, Italy, Spain and Germany between 9 and 15 January 2018. Data were weighted in order to be demographically representative of adults in the UK. Populus is a founder member of the British Polling Council and abides by its rules. Further information at www.populus.co.uk