Nearly half of SMEs ‘unaware of new data protection rules’


Businesses are being urged to prepare for landmark new data protection regulations after a study revealed that almost half of firms are unaware of the changes.

A survey carried out by specialist lender Aldermore found that some 46% of SMEs questioned had not heard of the new General Data Protection Regulation (GDPR), despite substantial penalties for businesses that do not comply.

Just 9% of respondents said they fully understand the implications of the legislation, which comes into effect on 25 May 2018.

Under the new rules, organisations which collect, store and process individuals’ personal information will be subject to new obligations, with an increased emphasis on accountability and transparency.

The legislation covers a number of areas including: condition for consent; the right for customers to access data; the right for customers to be forgotten; and the right to rectification and objection to profiling.

Commenting on the findings, Aldermore’s business finance group managing director, Carl D’Ammassa, said: ‘The GDPR is the biggest shake-up in data protection to date and the results are worrying when looking at the amount of businesses that are unaware of the impact it will have on them.

‘Data privacy, the appropriate use of customer information and breach notifications all need to be taken incredibly seriously. This is made especially apparent when one considers the increased sanctions businesses face if they don’t keep to the new regulations’.

Further information on the GDPR can be found on the ICO website –