Most United Kingdom based companies risk disruption of businesses and huge fines as a result of GDPR non-compliance. UK organizations may either be doing little to comply with the regulations or have failed to involve their staff in the preparations for the EU legislation compliance. According a recent survey commissioned by Office products specialist Fellows, nearly half (46.8%) of United Kingdom office staff do not know whether their companies have adopted any strategy or taken actions to guide their businesses to comply with the law.
The Fellows survey found widespread confusion with regard to the forthcoming EU personal data protection regulations. The current organizational structure and business operation models in the UK require significant adjustments to align them with GDPR legislation. The majority of UK-based companies are ignorant of the regulation and therefore risk legal consequences from May 2018. The research shows that 7% of workers felt that the organizations they work for were not aware of the new requirements. This finding implies that these companies are not involved in any significant work to secure compliance.
In a similar study conducted by McAfee, the findings indicated that 98% of the senior decision-makers do not know the provisions of the new legislation that apply to their organizations. This confirms the Fellow’s findings that close to 50% of the workers do not think their organizations are taking any actions to satisfy the requirements of the EU legislation.
The research also revealed how workers operate in total disregard to privacy regulations. According to the Fellow’s survey, 44% of the participants admitted they had seen confidential documents at work. In addition, 32% of them had accessed private emails and other documents belonging to their colleagues, while another 30% viewed someone else’s laptop. GDPR places stringent conditions on how data processors should handle personal information. In these cases, the UK firms run high risks of being penalized and facing other collateral damages.
Research reveals that many organizations are yet to establish systems and formulate policies that help to safeguard sensitive information. Illegal storage of data as revealed by the survey puts the users’ personal information at risk. The potential damage of such recklessness with private information could be irreparable under the new law. This explains why organizations are advised to develop robust systems to guarantee the protection of sensitive data.