With less than a year until your business needs to be GDPR compliant, we’re starting a new series to keep you abreast of the latest developments. Your GDPR Update will provide the latest news in one short burst, to compliment your journey to compliance.
The legislation, which will formally introduce the GDPR into UK law, has had its first reading in the House of Lords. Whilst the majority of the GDPR will apply flatly to all countries, the EU does allow for some wiggle room, which will alloq individual countries to set their own standards.
In the UK bill, the age at which parental consent for data processing is no longer needed, as well as specific exemptions for academic research, financial services and child protection will all be considered. Discussion by peers about the bill begins on 10th October.
Research by Aldermore, a specialist lender and savings bank, reveals some worrying figures about the UK’s understanding of the GDPR. The report suggests that only 9% of SME owners in the UK fully understand what the GDPR actually means for their business.
Whilst it’s easy to put this down to the complexity of the new regulation, the report suggests that 46% – nearly half – of all SMEs bosses, representing more than 2.5million firms in the UK, have not even heard of the GDPR.
Some companies are considering deleting their data to avoid the process of compliance. Earlier in the year J D Wetherspoon reported that it had deleted its entire customer email database in order to avoid fines.
This week, at Computing’s IT Leaders Forum, Morgan Hunt’s IT Director Mark Dooley said: “The power of the delete key is satisfying at the moment.” He continued: “There’s a conflict between the requirements of the GDPR, and big data needs which state – keep as much as you can, because you never know when it might be useful in future.”