Are you ready for GDPR?

It has been described as the biggest shake-up in data protection laws for a generation. But how ready are you for GDPR?

Nearly half of at small and medium sized business owners have not heard of the EU General Data Protection Regulation, according to a report this month.

And less than one in ten UK SME bosses understand new GDPR rules that come into force next May.

These new rules that are coming in regardless of Brexit are aimed at strengthening data protection and there are tough punishments for those who fail to comply with them.

At the heart of the legislation is the handling and storage of personal data – and it is legislation that will affect businesses of all sizes and in all sectors.

But according to the survey nearly half (46 per cent) of all SMEs bosses, representing more than 2.5million firms in the UK have not even heard of it.

Among the changes, GDPR will introduce a duty on organisations to report certain data breaches to the relevant authority and, in some cases, to the individuals affected, in a strict timetable.

Customers will have the right to access and to ask if you are holding information on them, why and where you are keeping it.

They will also have the right to be forgotten which requires firms to erase all their information.

Industry figures have also revealed that two thirds (66 per cent) of SMEs have been victims of cyber-crime since their launch, highlighting the risk of a breach of the new laws happening.

Failure to comply with the new laws, which include regular data protection audits, could be very costly, with fines of up to £20 million or four per cent of their annual turnover for the most serious violations.

However, there is not just the risk of a fine. Breaches can have an effect on the reputation of a business and failure to comply with the laws could mean organisations are unable to use the data they have.

The message is straightforward and it is clear businesses need to act now to ensure they are ready for next May.

To discuss any of these issues that may be affecting your business, please contact me on 01772 430000.


I manage the affairs of a portfolio of clients in a wide range of industries. In managing the audit and accounts department of WNJ, I always keep abreast of the latest technical information and legislative changes. Clients receive advice based on commercial awareness not simply historical reporting.

Audit and assurance services for large range of clients, including charitable companies and pension schemes, Internal audit and systems reviews, Assisting and development of business start-ups.