UK IT Pros Better Prepared for GDPR than EU/US

The UK’s IT professionals are both more supportive of and better prepared for the forthcoming EU General Data Protection Regulation (GDPR) than their US and European counterparts, according to Spiceworks.

The professional IT network polled 779 IT professionals from the EU and US and found some surprising results that run counter to previous studies suggesting a sluggish response from UK firms.

Two-thirds (65%) of UK IT pros said they’re in favor of the sweeping new data protection regulation, versus 59% in the rest of the EU and just 37% in the US.

Plus, over two-fifths (43%) said they believe they’re informed about the regulation, while just 36% of other EU respondents and 9% of those in the US felt the same.

However, it’s not all good news. Although UK firms are leading the way in terms of their preparedness, only 40% have started compliance efforts, versus 28% in the rest of the EU and just 5% in the US.

Plus, 15% of UK IT pros said they have no plans to prepare for the GDPR in the next 12 months at all.

The regulation is set to come into force on May 25 2018, bringing with it major changes to the region’s privacy laws, and will apply to any firm in the world handling data on EU citizens.

That means 72-hour breach notifications and maximum penalties for non-compliance of €20m ($17.6m, £17.6m) or 4% of global annual turnover, whichever is higher.

“No matter if you live in the US or the EU, it’s important to at least start researching how GDPR may or may not apply to your organization,” said Brian Sandison, a network and server technician based in Scotland.

“IT departments have a duty to ensure management understands the requirements and implications of these regulations so they’re not caught off guard. Because if a company disregards the regulations and gets fined, the blame will more than likely be placed on the IT team.”

Previous studies this year have revealed that more than three-quarters (84%) of UK small business owners aren’t aware of the new regulation, while the ICO warned local councils in March that there’s still a long way to go before they’re compliant.

What’s Hot on Infosecurity Magazine?