GDPR and small business

Business owners and IT decision makers can do plenty to prepare.

The GDPR — it’s for big businesses, right? No: If you handle customer data then you need to pay attention, because the General Data Protection Regulation concerns you and your business.

What is the GDPR?

We’ve covered the GDPR in the past, but in essence, it’s EU legislation that tells businesses — big and small — how to handle customer data. It brings up to date laws and codes of conduct that were in need of a twenty-first-century refresh.

But we’re leaving the EU!

The GDPR will still affect UK businesses; the UK government has already agreed to follow the GDPR, even after Brexit. So yes, UK businesses still have to comply.

What’s the damage?

To find out just how ready UK and EU businesses are for the GDPR, Kaspersky ran a survey, asking hundreds of small-business owners and IT decision makers for their thoughts on the GDPR.

Here are a few observations on the findings:

  • Just 25% of SMBs are prepared — only a quarter of small to medium-size businesses are ready for the GDPR!
  • The UK, Germany, and France have the best level of awareness ahead of the GDPR.
  • Two in five IT decision makers, the people who are mostly responsible for implementing large parts of the GDPR in their businesses, feel overwhelmed by the changes.

What can I do?

Business owners and IT decision makers can do plenty to prepare.

First, education is key. Find out how well your business knows the regulations by heading over to the GDPR regulation page here.

Second, get a broader view of the landscape by downloading the full Kaspersky report (there’s a quick form to fill in at the bottom of this page).

Third, don’t panic! You still have plenty of time to get everything in place before the regulation comes into force in 2018. With planning and preparation, the transition will be a smooth one.