Small businesses still have a lot of catching up do with regards to the General Data Protection Regulation (GDPR). With just under a month left until the new legislation goes into effect, the small business community is hoping that the Information Commissioners Office (ICO) will be lenient. Small businesses have struggled with GDPR from the beginning because of the lack of resources that are easily attainable for bigger businesses.
The latest research carried out by the Federation of Small Businesses (FSB) discovered that a large portion of small businesses are still unprepared for GDPR. Two thirds (63%) of respondent had not either started their GDPR compliance or were only in the very early stages of doing so.
It is expected that a large number of small businesses will not be GDPR complaint, come May 25th. Therefore, the FSB is calling on the ICO to be lenient and help small businesses rather than penalise them. Small businesses don’t have the abundance of resources and finances that bigger businesses have to get compliant quickly.
Mike Cherry the Chairman of FSB commented: “As the GDPR deadline swiftly approaches, there is a real danger that many small businesses are yet to have adequately prepared for the changes. Fortunately, for these businesses, there is still time on the clock to start, or finish, their preparations. The GDPR is the largest shake-up of data protection laws for years, and whether you are a personal trainer or a consultant, most businesses will have to implement changes to their current practices to make sure they are complying with the new rules.
“Given the extent and the breadth of the changes, it is clear that a majority of small businesses will not be fully compliant before May 25th and will most likely not be compliant when the changes hit. With this in mind, it is critical that the ICO manages non-compliance in a light touch manner with the focus being on education and support, not punishment.”
When the research was carried out earlier in the year, it was found that 52% of the businesses wanted to approach the ICO for help and advice. This also needs to be realised by the ICO because they will need to be prepared for the high volume of enquiries.
Mike Cherry adds: “As we move closer to the 25th May, we can expect a rush of smaller businesses approaching the ICO for support and advice. When this hits, all eyes will be on the ICO and whether or not they have the ability and resources to effectively deal with these enquiries. We cannot have a situation where businesses are taking time out of their busy day to get GDPR compliant and are left hanging on the line.”