Many organisations felt unprepared for the launch of the General Data Protection Regulations (GDPR) deadline, various polls suggest, but experts are reassuring business owner that they still have time to put measures in place.
A recent report by Crowd Research Partners found that 60 per cent of businesses affected by the GDPR felt they were unable to get everything prepared for today.
Meanwhile, a study released earlier this month by IBM revealed that only a third (36 per cent) of more than 1,500 business leaders surveyed believed they would be fully compliant by today, although 84 per cent thought being able to prove they complied with the GDPR would differentiate their company, and 76 per cent felt the regulations would build trust between them and their customers.
A report by the Ponemon Institute, which was published last month and examined more than 1,000 companies in the US and European Union, found that two in five (40 per cent) thought they would not be entirely compliant until after 25 May, while a further 8 per cent said they did not know when they would be compliant.
“Ideally, HR professionals should have revisited their data protection practices detailed in employment contracts, staff handbooks and company policies, and ensured that the business is GDPR-ready and compliant,” Keely Rushmore, senior associate at SA Law, told People Management. “However, it’s not too late and taking the right steps now is essential to avoid more confusion and, at worst, a hefty fine.”
Matthew Pinto-Chilcott of Consensus HR comments “When we knew this was coming, we ensured all our clients were made fully aware of the new GDPR Regulations and what they had to do within their business and with their teams. This involved all employees being shown the new GDPR Policy and what this entailed together with the changes such as no costs and replying within one month. All employees were asked to confirm a change to their Contracts of Employment with a new paragraph added on GDPR with a GDPR HR Audit carried out for each member of the team. A detailed instruction manual / forms was also made available for clients to ensure ease when introducing to their company. I must say however that many found it time consuming due to ensuring that all members of their team were properly / reasonably informed. We now wait to see the first ET case and any precedent set”
Some of our previous blogs discusses GDPR in more detail:
- Preparing for the General Data Protection Regulations (GDPR)
- 12 Steps – Preparing for the General Data Protection Regulations (GDPR)
- The Arrival of the new General Data Protection Regulations (GDPR)
Hayley Kirton of People Management– 25thMay 2018 discusses further.