Over Half of UK Firms Failing on Privacy Compliance


Firms in the UK are struggling with a complicated patchwork of privacy regulations. More than half now have the belief that they are failing with compliance efforts. This is according to the latest research by Thomson Reuters.

The news wire surveyed data privacy professionals from global organisations with an average of 16,000 before and after the implementation of GDPR. The report found that UK businesses either have greater insight into their capabilities or are genuinely falling behind in terms of compliance.

57 per cent believe that their businesses are yet to meet global compliance requirements. This is up from 44 per cent in 2017. This is also compared with the global average of 48 per cent, which falls further to 42 per cent for US firms and only 31 per cent in France. On average, businesses in the UK are spending £840,000 each year to comply with global regulations. This includes GDPR.

The new powers granted to regulators of monetary fines up to €20 million, or 4 per cent of global annual turnover will be the first thing on the minds of directors. This is according to Jim Leason,  lead in customer proposition for Legal Professionals Europe at Thomson Reuters.

“Many businesses are getting less comfortable over their GDPR compliance. More businesses now than a year ago believe they are failing to comply with all of their global data privacy-related obligations. Obviously, the comfort level businesses have with compliance is heading in the wrong direction,” he argued.

“What also seems to be coming through from our research is a sense that businesses feel legislators and regulators didn’t anticipate the major workload that GDPR entails.”

UK regulator the Information Commissioner’s Office (ICO) said it has received over 14,000 breach reports since the introduction of GDPR. This is four times more than the previous 12-month period. Despite the argument that GDPR compliance is an ongoing journey, and that it prefers to educate and not penalise, we may soon see the announcement of major fines as a result of several investigations being published.

Join us for ECS UK

Join Whitehall Media’s 4th Enterprise Cyber Security conference where we bring together hundreds of cybersecurity and InfoSec specialists from both the public and private sector committed to protecting the largest organisations from a growing cyber threat. Covering secure systems, new threats and defences and the ways organisations can adapt to provide the best possible security for their customers and employees.

ECS UK will be held on 24th September 2019