Are businesses in denial about GDPR fines?

2 May 2018


Are businesses in denial about GDPR fines?Most businesses don't believe they will be fined for breaching GDPR rules according to a new survey.

A study by Spiceworks has found that only 14% of UK organisations, 9% of those in the EU and 3% of US organisations believe they'll actually be fined for not complying with the General Data Protection Regulation (GDPR) after it is introduced on 25 May this year.

The findings also show that many businesses will miss the upcoming GDPR compliance deadline. In fact, the UK is "ahead of the game" according to the study, as 61% of UK firms expect to be compliant by May 25th, compared to 46% of businesses in the rest of the EU and only 25% in the United States.

In addition, 59% of UK organisations are training employees to be GDPR-compliant, compared to 54% in the EU and 21% in the US. UK organisations are also spending the most time on GDPR preparation - 30% of organisations in the UK expect to spend more than 120 hours on this, compared to 18% in the US.

A lack of time and resources are the main reasons that 60% of IT professionals in the UK fear missing the deadline. In contrast, 40% of IT professionals in United States say the main reason they will not meet the deadline is because it's not a priority for their organisation.

One third of IT professionals say GDPR will make their jobs more difficult and 20% say it will make it more difficult for their whole company to do business. Despite the challenges, 75% of IT professionals in the UK and 70% in the rest of the EU are in favour of GDPR.

"On paper, most IT pros support the principles of the GDPR and want to protect personal data, but in practice, many hurdles are keeping organisations from becoming compliant in a timely manner," said Peter Tsai, senior technology analyst at Spiceworks. "As a result, European regulators might have their hands full, considering many organisations won't be GDPR compliant for months or years to come, and few believe they will be penalised."

Also this week, a survey by Veritas has found that 40% of UK consumers intend to exercise their data privacy rights in the next six months. The findings show that consumers are most likely to approach financial services companies (56%), social media companies (48%) and retailers (46%) to ask about the personal information that is held on them.