According to a study carried out by Talend, 74% of UK organisations failed to address requests from individuals seeking to obtain a copy of their personal data within the one-month time limit required by GDPR.
In fact, there was only a 17% compliance rate in the companies polled, with the final 9% of firms split with delayed or incomplete responses.
Talend senior director of data governance products Jean-Michel Franco said: “It’s clear that, when it comes to GDPR, data subject access rights are the Achilles' heel of most organisations. Despite it being very easy for anyone to check, most organisations don’t comply.
"There is a great deal of work to do in this area. A delay, or complete lack of a response, will only continue to damage free-falling consumer trust in how organisations store and organise their data.
“Consumers are now feeling more empowered to put companies and regulators under pressure to ensure that their rights are respected, whether through individual complaints or group action, as we’ve seen recently with a huge spike in reports to the ICO, up by 160%.
“Firms must do more to regain the trust of their customers and be aware that they risk very significant fines and further reputational damage in the event of non-compliance – both of which could prove potentially fatal to a business.”