The new GDPR regulations are coming in to effect in just a few short weeks, but according to a survey completed recently, many SMEs are still wholly unprepared.
Russell Richardson, a secure shredding specialist, completed the survey involving over 900 SME business owners (March 2018) found that 75.4% of businesses didn’t shred all their documentation. This might be seen as a non-issue; however, it appears that few businesses really understand what is meant by “personal data”.
In fact, it would found that only 31% said they were clear on what it meant (though there was no determination as to the accuracy of their beliefs), 19% said they weren’t clear at all and 50% of respondents replied they “sort of” knew what personal data meant.
Worryingly, when people aren’t sure, they don’t seem to be taking the approach of being cautious, and destroying everything “just in case”. Instead, they are keeping hold of it, which ultimately means they could find themselves being in breach of the new guidelines.
A lot of focus has been given to the online and digital storage of information, whether that be for employees, clients, customers, or potential leads. The same attention does not seem to be given to paper based records, which are just as vital.
There is a real worry among many that businesses will be caught on the hop when the new guidelines come in to play early next month, and could find themselves being fined for improper storage of information.
Currently, the UK’s Information Commissioner’s Office (ICO) can fine up to £500,000 for failure to comply with data laws; however, the new rules allow the GDPR to fine a company up to €20 million (£17.5m) or 4% of its annual turnover, depending on which is higher.
As a result, this really isn’t something that people should be putting off. Certainly not with the deadline looming.
If you still haven’t managed to get your head round everything you need to be doing as a business (regardless of size or industry), then get in touch with People Matters today. We can help you make a plan, and let you know what your obligations and responsibilities are.