A recent report by the National Cyber Security Centre (NCSC) showed that many charities, particularly smaller ones, do not realise the value of the personal, financial, commercial and other data they hold to cyber criminals and last week the Government published figures to show that two in ten charities (19%) had suffered a cyber breach or attack in the past 12 months.
Now, research conducted among over 300 third sector organisations shows that 76% admit there is still work to be done before they achieve full GDPR compliance.
Carried out by software and services company Advanced, it reveals that 56% identified consent as the top priority for their GDPR planning, with uncertainty about the interpretation of GDPR representing the biggest obstacle to progress, according to 48% of respondents. Only 5% thought they were ready for the new regulation.
Advanced managing director for the commercial and third sector Mark Dewell said: “It is both worrying and unsurprising that only 5% feel ready for the regulatory roll-out despite the threat of significant fines and other punitive measures for failure to comply.
“It’s obvious that GDPR remains at the top of the charity sector agenda, and although progress has been made, there is still a way to go before many are GDPR ready. Uncertainty around consent and data retention seem to be presenting the biggest worries for the third sector, with many concerned that their potential fundraising totals will be affected."