30 May 2018

As the day the General Data Protection Regulation (GDPR) came into force finally arrived last week (25 May 2018), the Federation of Small Businesses (FSB) revealed concerns that many small businesses are still unprepared.

In addition, the website for the Information Commissioner’s Office (ICO) crashed under the demand for information about the new rules.

FSB Chairman, Mike Cherry, said: “GDPR is here and the likelihood is that many of the UK’s 5.7 million smaller businesses will not be compliant. It is concerning that the burden and scale of the reforms have proven too much to handle for some of these businesses and there is now a real need for support among the small business community.”

He pleaded for the Information Commissioner to apply a light touch to non-compliance but may well be knocking at an open door as Commissioner Elizabeth Denham has already said that she will not be looking to make early examples of organisations for minor infringements.

She also said that maximum fines will not become the norm which must be reassuring for many as she now has the capacity to impose penalties in the millions of pounds.

The Commissioner described predictions of massive fines under the GDPR are nonsense and said that businesses should take a common-sense approach to applying GDPR.

So long as they are being open and honest about the way they collect and handle data, and make sure that customers know what is being held and have the right to request the deletion of their personal details, small firms should not be as worried about applying the new rules as many appear to be.

There is much more guidance and advice in the Croner-i topic on GDPR available at app.croneri.co.uk.