Most UK workers ‘do not know about GDPR legislation’
According to a new survey, most UK companies have not informed their workers of the upcoming European Union (EU) General Data Protection Regulation (GDPR).
It comes into force in the UK next year and will change the way that personal information is handled by companies. It will enforce strict fines on businesses that suffer data breaches, as well as impose restrictions on what companies are allowed to do with people’s data. It replaces the Data Protection Act of 1998.
The survey, by Netskope, revealed that some 70 per cent of workers said they have not been told about GDPR. This is compared to just three in ten workers, of 2,000 employees, who said they were aware of it. A total of one in five said they have been offered “plenty” of information about the changes.
A total of 63 per cent of those surveyed said they had never heard of the legislation, with 13 per cent saying they had a general understanding of it.
Speaking to ITPro.com, Netskope vice-president of the EMEA region André Stewart said: “Organisations have a lot of work to do in order to educate employees on the GDPR and the safe data handling behaviour needed to achieve compliance.
“Employers will need to show that they have trained their employees on the GDPR to achieve compliance. The amount of effort put into coaching employees on secure data handling is likely to be one of the questions regulators ask when deciding whether to penalise organisations.”
It means that cloud security has to become a real focus for enterprises, with the UK government planning to introduce equivalent legislation when the country leaves the EU. The fines for not protecting people’s information will be up to four per cent of a business’ annual turnover, or €20 million (£17 million), whichever is the larger sum.
Share This Post, Choose Your Platform!
With over 25 years in the business telecoms industry and an unrivalled reputation of delivering excellent, personal customer service, Arrow is one of very few companies in the UK able to provide a full telecoms, IT and energy consultancy and service proposition.
Savings through automation, scale, improved service. We’ve got that covered. But the true value comes with empathy, through empowerment, collaboration. It’s connecting people that drives us forward. It’s people that make tomorrow happen.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.