An Ipsos study conducted on behalf of Shred-it on the eve of the General Data Protection Regulation (GDPR) enforcement deadline has found that most businesses in the UK, especially the smaller ones, have fallen short when it comes to working towards compliance.
Particularly when it comes to the financial, legal, and insurance sectors – even with polled executives reporting being hit by data breaches – many are still not as prepared as they should be. Here are the numbers for the abovementioned industries:
“Data previously released by Shred-it showed GDPR awareness was still at alarmingly low levels as the regime was coming into full force,” said Neil Percy, vice president market development and integration EMEA at Shred-it. “When it comes to specific preparations, too many businesses are way behind the curve.
“British companies need to close the gap on what information they are permitted to hold and what they must delete, and also extend the focus beyond the purely digital to consider physical formats, equally important under GDPR.”
Percy added that the lack of ‘ubiquitous’ training on GDPR suggests that a large proportion of the workforce in the UK is not appropriately trained for the kinds of safeguards necessary under the new regulation.