Nine out of 10 UK CIOs 'concerned' about EU's new data protection laws

Organisations face fines of up to four per cent of global turnover under new EU data protection laws

A whopping 87 per cent of UK CIOs are concerned that their organisation might be exposed under the upcoming General Data Protection Regulation (GDPR), a new report has found.

The report, commissioned by Egress Software, asked 200 UK CIOs how concerned they are about the new regulations, which will become law in 2018. Only 13 per cent said they were not concerned at all by GDPR, but the majority (61.5 per cent) said that they were ‘a little concerned', and more than a quarter (25.5 per cent) said they were 'very concerned'.

The GDPR represents a major change in the way that personal data must be managed for any organisation that does business in, or with, the EU.

They will need to make sure they are able to delete all of a consumer's personal data quickly and completely from their systems, on request. There will also be mandatory reporting of serious data breaches and organisations will be expected to know what data might have been affected - within 24 hours, if possible.

And organisations found to be in breach of the regulation face hefty fines of up to four per cent of global turnover.

The findings from Egress's research chime with the conclusions of a report commissioned by software-as-a-service (SaaS) provider Intralinks at the end of last year. It found that more than half of global companies expected to be fined for non-compliance with GDPR, and that two-thirds of worldwide companies would review their business strategies in EU countries in the next year.

Last month, Computing carried out an online poll of about 100 medium-to-large organisations and found that only 20 per cent were well prepared for GDPR, with a further 26 per cent stating that they have just started preparing for the regulation.

Surprisingly, a total of 44 per cent were unaware or only vaguely aware of the new rules.