Almost half of UK businesses ‘will fall foul of new data protection law’
British businesses are failing to prepare for EU data protection rules that are coming into effect next year, lawyers have said.
Some 90 per cent of businesses surveyed said they had not updated their privacy policies, a failure that would put them in breach of the general data protection regulation from Brussels, which comes into force in May.
Almost 25 per cent told researchers that they were unaware of the updated data protection laws, while about 40 per cent reported that they had not taken any steps to prepare for the regulation.
A similar percentage predicted that they would not be able to comply with the rule by the deadline, while just over 75 per cent said they had not put in place systems to ensure data security breaches are notified to the authorities as will be required by the law.
Businesses were not just ignorant of the data protection regulations. Some 42 per cent were unaware that the rules on direct marketing and the use of internet cookies were likely to change under the eprivacy regulation from Brussels, which is also likely to come into effect in May.
Simon Stokes, a partner at Blake Morgan, the law firm that commissioned the research, said that there was “genuine confusion among many business leaders about what the new law means and how to achieve full compliance”.
He continued: “Some of the survey comments highlight a desire for clearer guidance and the mountain of work that many organisations believe they are facing because of the sheer volume of data and a limited timescale.”