•  Home
    Your Basket is empty


We are in business for your business,
Supporting you at every turn


Home / News & Opportunities / Member News

Date: 18/09/2017

A leading Worcestershire expert is warning businesses of the need to update their personal data security before new regulations come into place next year.

In Worcestershire for instance eight out of ten businesses were not aware of how the General Data Protection Regulation would affect their business. Of those 35 per cent didn’t know when they would start preparations.
The General Data Protection Regulation (GDPR), which replaces the existing UK Data Protection Act 1998 (DPA), will see businesses having to adhere to stricter data protection rules. Some of these include: maintaining records of personal data and taking on significantly more legal liability if the company is found responsible for a breach.
This comes ahead of the CBI's, Cyber Security Conference in London on Wednesday (14 Sept) of this week.
Peter Loomes, Director of Sandettie in Worcester says that businesses and public sector organisations are not aware of what the regulation will mean for personal data. Moreover, he states that even if a business is currently compliant with the Data Protection Act – preparing for the GDPR is no small task.
Peter said: "Having surveyed local businesses I was shocked to discover that 79 per cent of Worcestershire businesses were not aware or did not understand how GDPR would affect their business.  Further to this 35% of businesses didn’t know when they would start preparations."
It is expected that the current DPA regulation will move away from pure policies and procedures to a risk management approach with the implementation of the GDPR. All businesses regardless of size will need to undertake a risk assessment of the data they hold, before it's too late.
Cllr Ken Pollock, Cabinet Member with Responsibility for Economy and Infrastructure said: "The Malvern Hills Science Park has long put Worcestershire on the map for its expertise in cyber security and IT. Businesses should take heed of the warning that the GDPR will be implemented next year. The training is available from Sandettie and a number of experts and I would urge businesses to get on board as soon as they can."
Smaller businesses have seen an increase in the amount of prosecutions from the Information Commissioners Office (ICO). For some businesses this can be fatal, especially after reports of a small business falling into voluntary liquidation after a hefty fine.
Peter also disclosed that since 2015 there have been 19 enforcement notices particularly against local authorities.
Peter goes on to say: "Recently Gloucestershire Council was fined for £100,000. Many of these breaches have been for basic errors. I am certain that local authorities in particular are not preparing. However, the fines will only rise next year. I don’t think either the public sector or local businesses can continue to take this risk."