New research out today (3rd October) has revealed that almost half (47%) of UK office workers don’t know whether their company is taking action to comply with the new European General Data Protection Regulation (GDPR). The study found widespread confusion that could cost UK businesses millions of pounds in non-compliance fines when the regulation comes into effect on 25th May 2018.
Office products specialist Fellowes, which commissioned the survey of 1000 office workers, found that one in 14 (7%) of employees believed their company was not aware of the new regulations, which aim to give citizens control over their personal data.
Almost half (44%) of respondents admitted they had seen printed confidential documents at work, whilst a third (32%) had accidently seen private emails and documents on their colleague’s screen in the office.
A massive 20% of UK office workers (over 3.2 million*) also admitted to never shredding work documents, leaving them vulnerable to prying eyes.
GDPR criteria states that any company which processes or stores personal information relating to European citizens must comply with the stringent new laws relating to data privacy and storage. This includes any personal data kept on file, whether physical or digital.
It is not just inside the office where people need to consider compliance, as 30% of people admitted to having viewed someone else’s laptop during their commute. Businesses must ensure that even when working on the go, their employees are preventing others from obtaining information on their customers and contacts.
The new regulations will protect consumers against companies that hold inaccurate and unneeded data about them, as well as ensuring greater emphasis is put on prominent and unambiguous customer consent with the ability to withdraw at any time.
Darryl Brunt, UK Sales and Marketing Director at Fellowes comments: “Despite the impending GDPR deadline, our research shows that many companies don’t appear to have systems and policies in place to protect sensitive information. If this data is then stored illegally – or falls into the wrong hands – the damage caused to the organisation could be irreparable.
It’s essential for businesses to have robust systems in place to protect personal and confidential documents – including the secure shredding of obsolete sensitive paperwork. British businesses that don’t comply with the new GDPR from May next year could face huge fines of up to £18m or more.”
PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.
For more information on upcoming events, visit the website.
We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.
Privacy Culture: Data Privacy and Information Security Consulting, Culture & Behaviour, Training, and GDPR maturity, covered. https://www.privacyculture.com/