Employee behaviour ‘a threat to GDPR compliance’

Employee behaviour is ‘a threat to GDPR compliance’ [Image: Yuri_Arcurs via iStock]

UK businesses are at risk of significant financial penalties, as their staff ignore company policies around confidential data, according to new research from Sharp.

The study found that one in 12 office workers (eight per cent) has had access to confidential information that they should not have had. Meanwhile, nearly one-quarter (24 per cent) of employees admitted to storing work information in the public cloud, despite not being permitted to.

File sharing and taking confidential data out of the office were also widespread, the research revealed, with nearly one-quarter (23 per cent) using public file sharing sites without their employer’s approval. Almost one-third (31 per cent) of workers were revealed to have ignored office protocol by taking work home to complete.

However, the HR field was also implicated, with 30 per cent of respondents from HR departments admitting to storing information in the public cloud, potentially jeopardising personal data.

Sharp said that with the General Data Protection Regulation (GDPR) coming into force in May next year, businesses will be subject to huge maximum fines for certain breaches. The company said this should make the adoption of robust data protection policies and practices a priority.

Stuart Sykes, managing director at Sharp Business Systems, said: “It is up to businesses to find the right balance between modern ways of working and secure data sharing. When you also consider that 75 per cent of the workforce is now mobile and 81 per cent of employees access work documents on the go, businesses need to do more to keep up with their workers.”

Security and privacy expert Dr Karen Renaud, from the University of Glasgow, added that the results showed a need for businesses to provide better support for employees. She said that while businesses continue to require or implicitly overlook insecure behaviours, there will always be a threat to security.