New research from Egress has found that almost half of all UK businesses are compliant with GDPR. The research polled 250 ‘GDPR decision-makers’ from companies of all sizes and sectors in the UK. Whilst half of the companies (52%) reported they were not fully compliant, 48% rated their businesses as fully compliant.
Key findings from the research
It has been over a year since GDPR came into force and key findings from the research can help us to understand the state of compliance across businesses in the UK. The report showed that 70% of respondents were positive about GDPR and almost half of the respondents rated their firms as “mostly compliant.”
The research points to positive trends in how businesses are prioritising GDPR compliance. Recent big fines hitting companies such as Marriott International and British Airways have encouraged businesses to pay attention to achieving compliance. Only one third said compliance had dropped down the priority list over the past year. Businesses reported that ICO fines raised the profile of GDPR within their businesses.
The root cause of reported data breaches
Analysis of the research points to human error as a major reason for reported data breaches. 60% of data breach incidents reported to the ICO in the first six months of 2019 were caused by human error and 37% of the businesses reported at least one incident to the ICO in the past 12 months.
Jamal Ahmed, lead Privacy and GDPR compliance consultant at Kazient Privacy Experts, comments, “It is very encouraging to learn that nearly half of all businesses are fully compliant with GDPR. Customers and other businesses are becoming increasingly aware of who they choose to do business with according to how well personal information is protected and how committed an organisation is to safeguarding their privacy and that of their stakeholders.”
Areas of investment
The research also looked into areas of investment over the past year. At the top of the list for most companies was investing in implementing new processes around the handling of sensitive data (28%). Following this, 18% of businesses invested in better auditing and employment of a data protection officer or additional compliance staff. Considering recent increases in cyberattacks, it is great to see 17% of respondents investing in technology.
Overall, it is positive to see companies taking action to stay compliant with GDPR but, importantly, more needs to be done to ensure more companies move towards “full compliance” with the regulation.
Kazient Privacy Experts offers bespoke Data Protection, Privacy and GDPR compliance solutions in a language you understand to UK and international organisations, and has received positive media coverage across Europe. Kazient’s GDPR consultants are fully certified to be your outsourced Data Protection Officer or EU Representative. Get in touch to find out how we can help your business by visiting our website www.kazient.co.uk or calling us on 0330 022 9009.