by GDPR Associates | 9th January 2019 11:53 am
We’re now more than seven months on from the European General Data Protection Regulation (GDPR) deadline on 25 May 2018 – how confident are you that your small business is fully compliant?
A new survey of 1,000 small business owners has revealed that half are confused by the rules, according to the Independent.
This indicates that the data of millions of customers and employees are being left at risk as some small business owners admit they’re ‘clueless’ when it comes to data security.
GDPR for small businesses
90% of small businesses unprepared for GDPR deadline
What will 2018 bring for the self-employed? Our top 7 predictions
What type of business insurance do I need?
The survey was commissioned by Aon. Chris Mallett, a cybersecurity specialist for the firm, said: “As the results show, many businesses could be in breach of GDPR – most likely without even realising it.
“Visitors books, allowing staff to use their own mobiles for work purposes and even seemingly minor things like distributing sponsorship forms around the office carry risk.
“Yet these sorts of things are commonplace among businesses big and small across the UK.”
But we all know that not knowing the rules is never seen as a valid excuse, so read on to see if you’ve made these common security mistakes. They could see your small business slapped with a fine running into the millions.
Further contraventions by the small businesses polled include cases studies in training materials that reveal the full details of featured individuals (25 per cent), and distributing promotional images of employees that display their unobscured name badges (16 per cent).
Paper records were another hazy area for those surveyed. The results revealed that not all small businesses are aware of their responsibility to get rid of paper records securely and confidentially.
More than half aren’t aware of their obligation to get rid of paper customer records. That figure jumps to 71 per cent for staff records, 78 per cent for meeting minutes, and 81 per cent for visitor books.
Further to that, 10 per cent don’t realise that losing paperwork can count as a data breach and 36 per cent aren’t aware that posting, emailing, or faxing personal details to the wrong person could also be a breach, according to the Independent.
Did you know that you’re obliged to notify the Information Commissioner’s Office, as well as all those affected, if your business has a data breach that affects individuals’ rights? Six in 10 of the small business owners polled didn’t.
With the risk of being fined running high in the event of a data breach, it may come as a surprise that 45 per cent of business don’t even consider it when taking out business insurance.
The original article (and image) was originally posted here: https://www.simplybusiness.co.uk/knowledge/articles/2018/12/common-gdpr-mistakes-small-businesses-make/
Source URL: https://www.gdpr.associates/gdpr-mistakes-the-small-business-errors-that-could-result-in-a-hefty-fine/
Copyright ©2019 GDPR Associates unless otherwise noted.