Small business bosses lack understanding of GDPR rules
Less than one in ten small business owners understand the new EU General Data Protection Regulation, while nearly half admit to not having heard of it.
As a result, many have not taken the appropriate steps to prepare for the regulation, the latest small and medium sized business owners Future Attitudes study from Aldermore shows.
The lack of knowledge regarding the new framework, designed to boost data protection within the EU, is a concern as tough punishments will exist for those not meeting the regulations.
Applicable from May 2018, the rules relate to how personal data is stored and handled by businesses.
Despite only being a matter of months away from inception, 46% of SME bosses revealed they were unaware of it – equating to around 2.5 million firms.
Businesses will also need to report some types of data breaches, as well as providing customers with a right to be forgotten if they request their data be deleted.
Given that around two thirds of small firms have been the victim of cyber-attacks since launching, many will need to improve their security systems to meet the new regulations.
Despite a lack of awareness of GDPR, 55% of business owners in the Aldermore study said they are concerned by cyber-crime and its potential impacts.
Around 39% also said that a breach could have a significant financial impact on the state of their business, both in terms of lost sales and in costs associated with correcting the issue.
Where firms are operating on tight financial budgets, such financial losses may be difficult to recover from and may even force a business to consider appropriate insolvency methods.
This issue could be particularly paramount as businesses could face fines of up to £20 million or 4% of their annual turnover if they breach the new regulations.
In the worst instances when all other avenues are exhausted, liquidation could be the only option for firms.
Regular data protection audits form part of the regulation in a bid to reduce the number of data breaches occurring across the UK business network.
Given the potential circumstances, small business owners will want to stand up and take notice of GDPR and data security.
By Phil Smith