SMEs ‘unprepared for GDPR legislation’

Almost half (46%) of small and medium-sized enterprises (SMEs) have not heard of the new data protection regulations coming into force next year. 

Retail bank Aldermore surveyed 1,003 business owners and found only 9% fully understand the forthcoming General Data Protection Regulations (GDPR).

Due to take effect from 25 May 2018, GDPR will provide customers with new rights to ask businesses to erase their personal details.

In the past 2 years, 22% of SMEs and their customers have been directly affected by data breaches. 

In addition, 55% of SMEs were concerned about the impact cybercrime could have to their business, while a further 39% fear a significant financial impact from cyber-attacks.

Carl D’Ammassa, group managing director of business finance at Aldermore, said:

“The GDPR is the biggest shake-up in data protection to date and the results are worrying when looking at the amount of businesses that are unaware of the impact it will have on them.

“Data privacy, the appropriate use of customer information and breach notifications all need to be taken incredibly seriously.  

“We hope the EU’s new regulation achieves what it sets out to do and strengthens the resistance of businesses against the threat of a data breach.”