London (UK), November 2017 - Hundreds of thousands of UK businesses are in the dark about GDPR, with research finding that almost a third have never even heard of it. Learning provider Litmos Heroes has discovered that over 30% of UK businesses have done nothing to meet the new EU regulations, which come into force in May 2018. Worryingly, 10% aren't planning on doing anything about the regulation, despite the threat of fines of up to twenty million euros.
Despite the threat of high fines, almost a third of UK business leaders admit they have never even heard of the new EU General Data Protection Regulation (GDPR), a study from leading learning provider Litmos Heroes has found.
With less than eight months to go until the wide-ranging new EU regulations come into force, the research discovered that 28.6% of business decision makers are in the dark about the law changes.
Worryingly, more than 30% said they have done nothing at all towards becoming GDPR ready - and ten per cent said they don't plan to, despite the May 2018 deadline looming large.
The research of more than 500 UK business leaders and decision makers, which was carried out to mark the launch of Litmos Heroes' new GDPR course for global businesses and SMEs, also found that nine out of ten admitted that if the regulation were introduced tomorrow, they wouldn't be ready.
The GDPR was adopted into law by the EU Parliament in April 2016, and from 25 May 2018 it will apply to all companies processing and holding the personal data of people who live in the EU, regardless of where the business is located.
It was designed to make sure that data privacy was standardised across Europe, to protect citizens' data privacy, and to reshape the way that businesses right across the region think about and implement data privacy.
The penalties for failing to comply are potentially huge. Organisations that fail to meet the regulation can be fined up to four per cent of their annual global turnover, up to a maximum of twenty million euros.
Tom Moore, Managing Director of Litmos Heroes, said that now was the time for businesses to act. "I think this study has painted a really interesting - and slightly concerning - picture of how seriously some UK businesses are taking GDPR," he said. "Make no mistake, the new regulation is coming, and if you handle the data of any EU citizen - Brexit or no Brexit - it will apply to your business.
"Around a quarter of the people included in our survey said they didn't think GDPR would be strictly enforced, but come May 2018 they still need to be ready, because this is going to be enforced whether we like it or not.
"It's this stark picture - and the worrying lack of knowledge and general awareness about GDPR - that has encouraged our team to produce a need-to-know video training module to help businesses and leaders get GDPR ready."
The findings of the Litmos Heroes survey revealed that sixty percent of businesses haven't formed a plan to make sure that all staff who handle data are aware of GDPR. It also found that 6% of businesses don't currently comply with current data-protection laws, and 10% are fully aware that their own online safeguards are not sufficient to protect customers from cybercrime.
Regionally, businesses in the South East were found to be the least aware of GDPR, with over 44% admitting to knowing nothing. Almost 40% of businesses in the East of England and Yorkshire also confessed to knowing nothing.
Businesses in London were found to be the most clued up on GDPR, with just 16% saying they had never heard of it.
Businesses focused on IT services topped the sector specific list, with just eleven percent saying they hadn't heard of GDPR. But among travel and tourism firms, almost half (46.2%) said they were in the dark.