Nearly half of all firms still unaware of EU data reforms
The EU General Data Protection Regulation may have already been passed - and the click ticking on the two years' grace before implementation - but nearly half of all companies remain unaware or only vaguely aware of the new rules, according to a new study.
The poll, carried out by Computing magazine, quizzed IT and regulatory chiefs at 100 medium-to-large organisations in the UK.
Just over half said they were aware of the GDPR but only 20% were well prepared. A further 26% said they have just started preparing for the regulation. However, a total of 44% were unaware or only vaguely aware of the new rules.
The findings chime with a recent survey by US consultancy TRUSTe across the US and Europe, which found that half of the companies were still in the dark about the changes.
A quarter of those polled said they will need to invest in new infrastructure or software to comply with the new rules, especially in areas such as security, data governance and identity and access management. A further 53% said they were unsure whether such investment will be necessary or not.
The study comes as the Information Commissioner's Office has pledged to take a proactive approach to ensure firms can get ready for the new laws.
Information Commissioner Christopher Graham told a recent summit with DMA members that the ICO will be creating a dedicated area of its website for the GDPR implementation phase. This will be slowly filled with detailed guidance on specific aspects of the regulation such as, the definition of personal data or consent.
He also said the ICO will continue to prioritise education and engage with organisations on how they can improve their data protection policy rather than go down the enforcement route.