<img height="1" width="1" style="display:none;" alt="" src="https://analytics.twitter.com/i/adsct?txn_id=l615x&amp;p_id=Twitter&amp;tw_sale_amount=0&amp;tw_order_quantity=0"/> <img height="1" width="1" style="display:none;" alt="" src="https://t.co/i/adsct?txn_id=l615x&amp;p_id=Twitter&amp;tw_sale_amount=0&amp;tw_order_quantity=0"/>


Is anyone actually ready for GDPR?

Is anyone actually ready for GDPR?

Anyone who spends any time looking at HR related social media will have noticed the dominance of General Data Protection Regulations (GDPR) in posts over recent weeks. It’s as if the whole HR profession has ignored something that was announced two years ago and as the deadline for compliance gets increasingly closer there has been some form of mass panic.

The implementation of GDPR will according to research conducted by the Cybersecurity and Information Resilience division of the British Standards Institute (BSI) affect 97percent of businesses, but the same research identified that just 5percent of businesses claim that they will be compliant with the regulations when they come into force on 25th May 2018.

Not being compliant with the stricter rules concerning data protection that GDPR will impose could be an expensive mistake. With the supervisory authorities suspected to be keen to find companies to use as an example to encourage greater compliance we can expect to see them imposing fines up to the maximum 20million Euros or 4percent of an organisation’s annual global turnover.

When there is a big data security problem at a big organisation it makes the TV news bulletins and the front pages of the tabloids. We don’t hear about the smaller businesses that are affected by the same sort of incidents, yet 20percent of businesses have had a data compromising incident in the past 12 months. The problem is bigger that you would think, and it is getting more difficult to comply. The Data Protection Commissioner reported 2,795 valid data security breaches in 2017, an increase of 26% from 2016.

You can have all the organisational systems and processes in place that it is possible to create, but the weakest link in your data protection are your employees. Over half of organizations surveyed by the BSI highlighted their concern regarding the role of their employees in GDPR compliance.

It is a weak link that is relatively easy to secure, but over 50percent of organizations do not provide data protection training to employees.

You need to have a member of the senior management team who leads every activity related to data protection but only 20percent of organisations take this relatively simple step that could create a strategic approach to data protection, get things done and save a lot of money.

This senior manager will need resources to achieve compliance, people, time and money, yet 64percent of businesses are expecting employees to achieve compliance whilst also completing all their other workload.

Data protection is as important as physical security, just as you have someone in the organisation who has the key to the front door and knows the burglar alarm code you are going to need someone who will have responsibility for ensuring that the data the organisation holds is secure, a data protection officer (DPO). This is going to be an ongoing responsibility. But 63percent of organisations do not have someone who has been allocated this role. Of the organisations that have a nominated DPO only 27percent have trained that person.

It seems that many organisations are scratching the surface when it comes to the wider implications of GDPR. More than 40percent of businesses are not aware of the Privacy Impact Assessments (PIAs), and only 12percent claimed to have a good knowledge of what is a key additional requirement of GDPR. A PIA is a risk-based assessment that is used to ensure that the rights and freedoms of individuals are protected when an organisation processes any of their data. and alarmingly the research revealed that over 40 per cent of organizations surveyed weren’t aware that PIAs will be a mandatory requirement and only 12 per cent claimed to have a good knowledge of PIAs.

There’s a lot of talk surrounding the GDPR, but with just days to go to implementation day this BSI research shows that organizations are still unprepared and don’t fully understand what’s required of them. With the right sort of training becoming GDPR ready is less complicated, less expensive and less daunting than many businesses think.”

Data processing is an issue for everyone and awareness levels are increasing – the recently published Data Protection Commissioner annual report highlighted that complaints had increased by 79 per cent compared to 2016. The figure is anticipated to be even higher in 2017.

It is important to remember that the new General Data Protection Regulation was set up to benefit everyone and having the right systems in place is not only good practice but will ensure that organizations build trust and transparency with their customers and minimise privacy and security risks for the future.

You can find more information about GDPR training at Work Place Learning Centre


E-mail me when people leave their comments –

During a career as a human resources and employee development professional that started in 1981 Michael Millward has worked around the world in a wide range of businesses from start-ups to major conglomerates. His industry experience includes, local and national government, manufacturing, financial services, retail, distribution, hi-tech, e-commerce.

You need to be a member of DPG Community to add comments!

Join DPG Community

What's Happening?

Just starting the Using Information in HR module, and mulling over potential research methods while doing the e-lessons. Feeling slightly apprehensive about a more hands-on module, but also excited to get started on a new module!
Lisa Hodgkiss and Alex Visser are now connected
18 hours ago
Tamasin Sutton and Lidia Grisi are now connected
21 hours ago
Katie Stanley and Lisa Hodgkiss are now connected
Richard Spencer and Graeme Wright are now connected
Anne Morton and Maisie Green are now connected
Molly Murphy updated their profile photo
Rushna Younis posted a discussion
Cherie Turrington updated their profile
Rob Scragg and Laura Ferrie joined DPG Community
Niti Sharma updated their profile photo
Susan Toft, Adrian, Emma Jamieson and 3 more joined DPG Community