Last week, a rather shocking report claimed that UK employees are more likely to be told off for failing to keep the workplace tidy than they are for breaching the GDPR.
86% of UK workers surveyed by office security firm Fellowes said that forgetting to do menial office tasks – like emptying the dishwasher or keeping their work area tidy – is more likely to get them into trouble than failing to meet the new General Data Protection Regulation.
The research, carried out in July this year, two months after the GDPR came into force, asked the views of over 1000 UK office workers.
It showed that 14% of workers have got into trouble for careless handling of confidential data, compared to the 17% who have been challenged over being late and missing deadlines, and the 25% who have been told off for failing to carry out office chores like emptying or loading the dishwasher.
GDPR compliance uneven
The rather casual approach to GDPR revealed by the survey is echoed by research carried out by data specialist Talend, quoted in an article by datanami.
The Talend research, carried out three months after the new legislation came into effect, showed that compliance is at best patchy.
It found that an estimated 70% of global companies have failed to comply with requests for personal data within the required one-month time period. Businesses within Europe are less proactive than those elsewhere – slightly ironically as it’s an EU regulation.
The worst offenders were retailers, with 76% failing to respond to individual requests for private data within 30 days. Although the financial sector performed better, still only about half managed to respond to data requests within one month.
The overall average response time was 21 days. The 22% of companies surveyed that responded within the GDPR time limit comprised streaming services, mobile banking and other technology vendors, leading Talend to comment that digital service companies seem to be ‘more agile when it comes to GDPR compliance’.
Data confidentiality an issue
Aside from meeting the required response times, confidentiality remains a challenge.
The Fellowes research found that there is still confusion around the correct disposal of documents, with documents including business contracts, printed emails and handwritten notes not being discarded correctly.
- 54 per cent of respondents said they had seen personal or confidential data they shouldn’t have
- 33 per cent of workers admit they have left confidential or personal data unattended
- 45 per cent have sent a confidential email to the wrong person
- 61 per cent have received an incorrect email from the wrong person
- 19 per cent have left a USB pen lying around somewhere
- 14 per cent have left confidential documents in public places
Familiarising yourself with the GDPR requirements
The two pieces of research show that GDPR compliance is still not being achieved consistently across UK organisations.
You need to understand the rules around handling of data and the requirements around letting your contacts know what data you hold, and how you use it.
If you need to refresh yourself on the detail of the regulation, you can read the ICO’s guidance on consent.
We share some helpful tips in this blog on how to avoid some potential GDPR pitfalls in your marketing.
A refresher on marketing compliance
How can we help?
At LS Consultancy, we offer a complete solution with a range of cost effective, regulatory compliance and marketing products and solutions including GDPR support that are uniquely suited to supporting firms.