New research has found that the majority of UK small to medium-sized businesses (SMBs) in the UK know what needs to be done to comply with GDPR.
A study by the Data & Marketing Association (DMA) carried out in November 2019, 18 months after the introduction of GDPR in May 2018, found that despite 68% of respondents claiming they have “good” or “moderate” awareness of GDPR, a follow-up question indicates that the respondents still have some lack of understanding.
Respondents were asked a variety of questions including what types of data their business collects, stores or uses, to which 73% of respondents answered data on existing B2B customers, followed by data on existing B2C customers (68%) and employees (67%).
Respondents were also asked which types of data, their business is in contact with, applies to GDPR. The DMA found that in regards to customer data, 63% agreed that GDPR applies, whilst 59% thought it applied to supplier data.
Tim Bond, head of insight at the DMA, said: “While most of the data and marketing industry has long been aware, understood and implemented the necessary strategies to be compliant with the GDPR, there is a concern about knowledge gaps and training made available to smaller and medium-sized businesses. Of greatest concern is that 38% of them appear to believe that the GDPR does not apply to customer data they may acquire and process.”
Just 10% of the SMBs surveyed believed they were fully compliant with GDPR during the time of the research. A further 65% said they were either “half-way” or “three-quarters” of the way towards compliance, whilst the other quarter admitted to being in the “early stages” of GDPR compliance.
Catch the replays and discover the best talks from Last Thursday in Privacy, addressing data protection, privacy and security challenges including working from home, COVID-19, global regulations and more. Visit https://digital.privsec.info/.
We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.