A new investigation by Delphix has uncovered some worrying information about GDPR non-compliance in the UK, with many businesses unaware that they are failing to meet their obligations under GDPR.
Despite the fines and penalties involved in GDPR non-compliance – as can be seen from the recent British Airways fine – many organisations seemed unaware of the need to be careful with personal data.
Employees revealed that they are often unaware of whether they are GDPR compliant or not, with some showing little concern about the matter. One chief information security officer (CISO) even admitted to lying to their CEO about the company’s compliance levels.
As reported by DataCentreNews:
“These confessions should come as a wake-up call to the C-suite,” says Delphix CTO Eric Shrock.
“It is clear that the vast majority of top-level execs are blissfully unaware of how easily accessible their highly sensitive data is,” he adds.
“Pair that with growing frustration amongst developers looking to acquire data quickly and we have the perfect recipe for disaster.”
You can read the full article from DataCentreNews here: https://datacentrenews.eu/story/ceos-falsely-led-to-believe-company-is-gdpr-compliant-delphix
That data protection awareness is not better at the very highest levels of business should be a major concern. It’s often at these levels that people have the most access to personal data.
Data protection and awareness of GDPR should always be incorporated into business processes by design and default. By implementing this philosophy, the kinds of lapses that Delphix uncovered are much less likely to occur.
It’s also important that data protection training be carried out across the entire organisation, from the lowest-level employee to the highest. Anybody within an organisation can be responsible for a data breach; improving awareness of a company’s GDPR non-compliance starts with educating the workforce.
Here at Activa Consulting, we offer a range of staff training options, both in-person and online, to help minimise the risk of data breaches and the resulting fines. If you’re concerned about your compliance levels, get in touch with us today!