Important changes in data protection are less than a year away. But are businesses prepared?

24/07/2017 By Annette White

To some, it feels like General Data Protection Regulation (GDPR) has been a hot topic for a while now. But recent research by BVA BDRC shows that just one in three businesses are actually aware of the new regulations (36%).

GDPR is an EU regulation that applies to all processing of personal data (collection, storage, distribution, retention, protection, security and transfer) and comes into force in May 2018.  It replaces the 1998 Data Protection Act and has some key differences; not least that non-compliant companies could be fined up to 4% of their global revenue. The UK has committed to implementing GDPR, regardless of its exit from the EU.

Of course, not all businesses hold personal data. BVA BDRC's Business Opinion Omnibus research, conducted in June 2017 amongst business owners and financial decision-makers, revealed only 53% said they handle personal data. Within this group awareness of GDPR was by no means universal at only 39%.

Of those who had heard of GDPR and will be affected by it, 66% have started to prepare. With less than a year to go, that is still a substantial number who have yet to give it proper consideration.

Barely a month goes by without a commercial data breach or security incident in the news.  So we asked businesses if the IT issues experienced by British Airways at the end of May had prompted them to take action in this area.  While some had taken steps such as seeking specialist advice or reviewing existing processes, three-quarters (78%) have not done anything. This was predominantly due to them perceiving that their business could not be affected by this type of incident. This perception was higher amongst those who had not heard of GDPR (63%) than those who had (49%).

Greg Berry, IT Director of the BVA BDRC Group, says, “As an ISO 27001 certified business, BVA BDRC already has robust processes in place.  But we recognise that many of these will need to be reviewed and updated to make sure we’re in line with the new requirements. We’re investing time now in understanding the scope and implications of GDPR, so that we’ll be ready when it comes into force next year”.

If you would like to place your own questions on this or any topic on the Business Opinion Omnibus, then please get in touch with Annette White.

Blogs

ChatGPT and Market Research (Part 1)

2nd Feb 2023

ChatGPT is everywhere right now! Whether user generated content, mainstream or specialist news, we’re all asking ourselves the same question about the latest chatbot: is it any good and what does this mean for the future?

Read more

Travel means business

29th Sep 2022

Attitudes towards travel are increasingly positive, according to the latest Hotel Guest Survey (HGS). The study reported an increase in those who had already booked to travel both domestically and overseas, as restrictions were lifted, with business travel on the increase.

Read more

Price sensitivity to international school fees

8th Apr 2022

BVA BDRC Asia analysed the price sensitivity to school fees via our annual Brand Equity and Market Insights study for international schools, and to qualify the rationale behind how parents evaluate school fees.

Read more

Is homestay a leader in CX?

31st Mar 2022

Hotels were known for providing and leading the way in customer experience, well before we even knew that it was a thing. Hotels are hospitality, and hospitality is CX.

Read more