A significant number of businesses are risking non-compliance
Businesses that use personal data now have less than a year to comply with the General Data Protection Regulation (GDPR) which comes into force on 25th May 2018.
The GDPR harmonises data protection laws across the EU and updates the current 20-year-old regime to take account of globalisation and the ever-changing technology landscape. The current legislation was brought in before the internet and cloud technology created new ways of exploiting data, and the GDPR seeks to address that.
Although the GDPR represents an evolution of current data protection laws rather than a revolution, there are some significant changes. These have the potential to have a profound impact on many organisations that collect and use information about individuals, especially if a company’s approach to compliance with current data protection law is poor or inconsistent.
A survey conducted by Gemserv across senior figures in information security and IT has highlighted that many businesses are leaving themselves at risk of non-compliance by not taking steps to prepare for the changes.
The survey findings have underlined the need for businesses to review and audit their data protection policies and practices early to assess what will be required to comply with the new rules and put in place a full compliance programme.
To download paper, you can access the document simply clicking the link below*: