With less than one month until the introduction of the new General Data Protection Regulation (GDPR), the Federation of Small Businesses (FSB) is warning small and medium-sized enterprises (SMEs) that time is running out for them to prepare.
The business group stated that small businesses face an ‘uphill challenge’ in ensuring that they are compliant by the date when GDPR takes effect of 25 May 2018.
Under the new rules, organisations which collect, store and process individuals’ personal data will be subject to new obligations, with an increased emphasis on accountability and transparency.
The financial penalties for failing to comply are severe, with fines costing up to €20 million or up to 4% of total annual worldwide revenue, whichever is the greater.
Mike Cherry, National Chairman of the FSB said:
‘As the GDPR deadline swiftly approaches, there is a real danger that many small businesses are yet to have adequately prepared for the changes. Fortunately for these businesses, there is still time on the clock to start, or finish, their preparations.’
‘The GDPR is the largest shake-up of data protection laws for years, and whether you are a personal trainer or a consultant, most businesses will have to implement changes to their current practices to make sure they are complying with the new rules.’
Further information on the GDPR can be found on the ICO website.