The UK’s information commissioner Elizabeth Denham
has urged businesses to be incentivized by the benefits of GDPR data security
compliance, rather than the possible consequences.
In a video addressing boardrooms across the
country, Denham stated that businesses should not waste any time in preparing
for “the biggest change to data protection law for a generation”.
As a result, she urged companies to act swiftly in
ensuring they are compliant with the upcoming GDPR regulations, which are due
to come into force on May 25th, 2018.
But she insists that businesses should not be
motivated by fears surrounding the consequences of non-compliance.
Instead they should look at the advantages of
having a strong data protection system.
“If your organization can’t demonstrate that good
data protection is a cornerstone of your business policy and practices, you’re
leaving your organisation open to enforcement action that can damage both
public reputation and bank balance,” Denham added.
“But there’s a carrot here as well as a stick: get
data protection right, and you can see a real business benefit.”
Her comments may well fall on a few surprised ears
over the coming weeks, with research from IDC earlier this month indicating that just
one-quarter of companies claim to be aware of GDPR.
This comes despite new rules regarding consent, as
well as broadened European privacy rights, fines for non-compliance that could
go into millions of euros, as well as tightened procedures and public disclosure
in cases of a data breach.
Additionally, 52% of companies said they were
unsure of how GDPR would impact their organization.
The ICO is subsequently doing its best to raise
awareness for UK companies, with an updated data protection toolkit for SMEs set to go live on its
website, as well as an Information Rights Strategic Plan, which aims to increase
public trust.
There will also be a relaunch of the ICO’s 12 steps to take to prepare for GDPR.