A YouGov study has revealed that the majority of UK businesses are unaware of new data protection rules that come into play in under a year.
These findings come despite 18 per cent of businesses admitting the maximum fine for non-compliance would force them out of business, and 14 per cent saying it would lead to large scale redundancies.
The YouGov study of 300 businesses, which was commissioned by law firm Irwin Mitchell, found that only three in ten firms have started preparing for the new General Data Protection Regulation (GDPR) which begins on 25th May 2018.
GDPR represents the biggest change to how businesses process personal information in 25 years, and it replaces existing data protection laws.
Under the new rules, the maximum fine for certain data breaches in the UK will rise from £500,000 to either €20 million (£17.4 million) or four per cent of global turnover, whichever is higher.
Despite the enormity of this potential cost, 71 per cent of manufacturers are unaware of the new fines and 18 per cent said they would go out of business if they received the maximum penalty.
Joanne Bone, partner and data protection expert at Irwin Mitchell, said: “These results are concerning because with next May’s deadline fast approaching and so much at stake, our study reveals there’s a very real possibility that the majority of manufacturers will not be compliant in time.”
The notification of certain data breaches where there is an impact on privacy, such as a customer database being hacked, or a letter being put in the wrong envelope, must be given to the Regulator within 72 hours of the new regime.
However, Irwin Mitchell’s study found that only 24 per cent are certain that they would be able to identify a data breach within their organisation, and only 28 per cent say they would be able to notify the relevant stakeholders within the required timescale of three days.
Bone continued: “Contrary to popular belief, personal data is not just consumer information. It’s hard to think of a business today that does not use personal data. Whether you have employee data, customer data, or supplier data, if the data relates to an individual you will be caught by the new data protection laws.
The survey also revealed that only 18 per cent of manufacturing businesses view the new data protection rules as an opportunity, and only 11 per cent think the rules will have a positive impact on their organisation.
Dorrian Peters, manufacturing sector specialist at Irwin Mitchell, said: “It is important to recognise that taking a proactive approach towards GDPR compliance will potentially reap financial benefits. The opportunities for manufacturers to take advantage of the Big Data Revolution and embrace Industry 4.0 to become more profitable are real and this is forcing manufacturers to improve the connectivity of their business. Good data governance is a crucial part of this, indeed it will be essential to achieve the future state of a digitally integrated supply chain.”