1. News
  2. Business
  3. Business News

Three out of four small and medium-sized businesses not ready for new data laws face huge fines

If firms aren't ready in time for the new laws next May they could be fined up to €20m (£17.6m) 

Click to follow
The Independent Online
The number of fines handed out to firms for breaking UK data protection laws almost doubled last year Reuters

Three-quarters of Britain’s small and medium-sized businesses are unprepared for the introduction of strict new EU data laws designed to protect people’s private information following a number of high profile data breaches, a merchant bank has warned.

According to a survey from Close Brothers, just one in four small and medium-sized enterprises (SMEs) in Britain have begun their compliance preparations ahead the new rules that come into effect next May, risking huge fines as a result.

Failure to be ready in time could see firms fined up to €20m (£17.6m) or 4 per cent of their annual global turnover in the worst cases, Close Brothers said.

  • Read more

Uber hid a cyberattack that exposed 57 million users' data

The General Data Protection Regulation (GDPR) will introduce more stringent requirements around how firms maintain records of personal data, and will force companies to provide greater transparency to the public when breaches occur.

The research shows that just one in three SMEs are currently aware of GDPR’s implications.

“Some of the rules sound deceptively simple, but many firms will struggle to cope because they don’t even have a clear idea of what data they currently hold on customers, or where and how it is stored,” said David Thomson, chief executive of Close Brothers’ invoice finance and rentals division.

“Making an investment now in order to prepare and protect your business is essential if you do not want to risk incurring significant financial penalties – or the major reputational damage that a public breach of the new regulation would undoubtedly cause,” he added.

Business picture of the day

Business picture of the day

  • 1/7

    Bitcoin saw a volatile week in which it reached highs of $11,000 before dropping down by more than a fifth on Wednesday.

  • 2/7

    Jeremy Corbyn told investment bank Morgan Stanley that it is right to regard him as a threat.

  • 3/7

    RBS announced plans to close 259 branches, costing 680 jobs, in response to customers migrating towards online and mobile-banking services. In total, 62 RBS branches and 197 NatWest outlets will be shuttered by the middle of next year.

  • 4/7

    Thousands of Morrisons staff are due a payout after a court ruled that the supermarket was liable for a huge data leak. Disgruntled colleague Andrew Skelton leaked the payroll data of nearly 100,000 staff in 2014, including names, addresses, bank account details and salaries. Morrisons had denied liability in the case, which had been brought by 5,518 current and former staff.

  • 5/7

    Mark Carney warned that Brexit could reduce the bonuses bankers receive after Britain leaves the EU

  • 6/7

    Victoria Beckham’s fashion business received a cash injection of £30m from an investment firm spearheaded by the man behind the rise of French bakery Paul in the UK. Funding from private equity group NEO Investment Partners will go towards opening more Victoria Beckham-branded stores and expanding the fashion retailer’s online presence, the company said.

  • 7/7

    Fortnum & Mason faces recruitment crisis as EU nationals look to leave UK, according to their chief executive Ewan Venters

The number of fines handed out to firms for breaking UK data protection laws almost doubled last year.

According to figures from the UK’s Information Commissioner’s Office (ICO) analysed by professional services firm PwC, the number of fines for data protection breaches rose from 18 in 2015 to 35 in 2016 – amounting to £3.2m in total.

In October 2016, TalkTalk was fined a record £400,000 after a cyber-attack led to the personal details of 157,000 customers being stolen.