Source: The Telegraph
In May next year, the Data Protection Act (DPA) will be replaced by the EU’s General Data Protection Regulation (GDPR), a framework with greater scope and much tougher punishments for those who fail to comply with new rules around the storage and handling of personal data.
While this new framework comes into place as the UK enters the process of uncoupling from the EU, the Great Repeal Act means it it is likely to be converted into British law.
The DPA dates from the 1990s, and a time when only the largest companies had the means to collect and store significant amounts of data.
In the intervening years, the ease and sophistication of data collection means that thousands of SMEs not only collect personal details, but store, move and access them online. Personal data is used in everything from sales to customer relationship management to marketing.
Cybercriminals have been quick to see the opportunity. In 2016, companies in the UK lost more than £1billion to cybercrime. Major data breaches have given criminals access to names, birthdates and addresses and even social security and pension information.
Moreover, a recent report from the Federation of Small Businesses (FSB) claims that SMEs are now more likely to be targeted by cybercriminals than their large corporate counterparts. Cybercriminals consider SMEs softer targets than their well-defended corporate counterparts.
Which is why the GDPR is considered long overdue by many authorities, and ignorance will be no defence for SMEs who fail to comply.
What does GDPR mean for SMEs?
Among many new conditions, one of the biggest changes SMEs will…
Click here to read more
