62% of businesses cannot name any changes GDPR will bring
70% of business have not identified the steps needed to be GDPR compliant
ISME, the Irish SME Association today (12th January) published the results of its General Data Protection Regulations survey (GDPR). The report gives a breakdown of GDPR compliance among SMEs and the actions taken to date on GDPR compliance. The survey focused on knowledge, compliance and actions to be taken in light of GDPR.
The General Data Protection Regulation will come into force May 28th 2018, replacing the existing protection frameworks under the EU data protection directive. ISME is actively encouraging its members to be aware of the changes that will come into effect from May 28th 2018.
Commenting on today’s report ISME CEO Neil McDonnell said “Today’s results paint an interesting picture of GDPR compliance. We received a very healthy response to this survey, which tells us businesses are curious about it. One of the main findings is that businesses are aware of GDPR, but know very little about the intricacies of compliance.”
“The impact of non-compliance of GDPR on a business could be serious, as there is a serious fines regime in place to discourage it. Businesses must take these new measures seriously.”
“In order to sure SMEs are GDPR-ready, we will be holding bespoke SME GDPR training sessions in February to assist businesses in the transition period.”
The main finding from 507 respondents were as follows:
Only 7% of businesses of businesses have completed their GDPR plan.
60% of respondents use and collect Personal Data.
30% are unsure if what they hold is considered Personal Data.
83% of respondents are aware of GDPR
Only 38% could name any of the changes that GDPR will bring
30% of business have identified the steps/actions needed for their business. 70% have not.
76% of businesses are concerned about GDPR.
32% of businesses are planning to use an outside resource to help with their GDPR action plan.
67% of business would like to see training offered on GDPR
41% of business have a staff member who is responsible for overseeing compliance with data protection and preparing for the GDPR.
Senior Business Consultant David Waldron from CloudStrong said“Based on the results of the recent ISME survey, it is evident that SME owners are concerned about GDPR compliance. The challenge is to upskill those SMEs in adhering to best practices that protect all Personal Data they possess in paper or electronic format.”