Believe it or not, it’s been almost five months since the GDPR came into force.
International statistics suggest that 70% of businesses are unable to address individuals’ requests for copies of their personal data – a core element of Articles 15 and 20 of the regulation. Many other companies said they had struggled to get their policies and procedures up to scratch and admitted they were adopting a ‘head in the sand’ approach.
As of September 2018, the Information Commissioners Office (ICO) was yet to prosecute any non-compliant organisation. But that doesn’t mean they’re not going to, and it’s expected that those falling behind will be identified in the very near future.
It seems that a lot of businesses don’t want to draw attention to the fact that they weren’t compliant with the GDPR when it came into force on 25 May. Instead, they are taking no action and remaining non-compliant.
There are two points that we really want to stress here:
1) Admitting that you aren’t currently compliant will not, in itself, result in a fine or you being reported to the ICO. This would only happen if a breach has occurred since the 25 May 2018 which is reported to the ICO.
2) Remaining non-compliant simply isn’t an option. The GDPR is law, therefore, if you don’t comply, you are breaking the law.
We have recently been talking to many companies in and around the Sheffield City Region who have reached out for help, acknowledging that running the risk of non-compliance simply isn’t worth it.
Don’t be afraid to ask for help. It isn’t too late and within just a few days, we could get your organisation compliant with all your data security requirements.
TecSec is an IASME certified body with the GDPR gold standard, and we are also an IASME Certification Body. This means we can work with clients to bring you in line with the IASME standard, and compliant with the GDPR – helping you to avoid a hefty fine should you be found to breach the regulation.
To put your business’ data security in the safest hands, just get in touch with us today.