17% of organisations lack plan for GDPR

Almost one in seven charities and other organisations do not have a plan in place for the General Data Protection Rules (GDPR), which will come into force in little over seven months.

According to research from the DMA, a worrying number of organisations are unprepared for the enhanced regulations, which will provide stringent rules regarding the use of data.

The majority of people surveyed believe their organisations are on track and some (4%) believe they are ahead of their plans to be compliant by May 2018. But a further 17% are falling behind. This is up from 11% in May 2017.

When asked about the preparedness of their organisation, just 58 per cent of respondents said their business was ready for the changes. This is despite 85% of businesses having implemented their plans for GDPR, which is more than ever before.

Awareness and preparedness has risen among individuals, however, with around 80 per cent of people surveyed rating their awareness as ‘good’ and 74 per cent describing themselves and feeling somewhat or extremely prepared for the changes.

“The GDPR is a watershed moment for organisations to make data protection a core brand value, placing respect for privacy at the heart of their brand proposition,” DMA Group CEO Chris Combemale said.

“We should use the new laws as a catalyst to transform the way we speak to customers, making every engagement human-centric. This will enable organisations to build trusted, authentic and transparent relationships with their customers.”

Some of the key concerns for organisations are consent and legacy data, while priorities remain updating privacy policies, integrating compliance systems, auditing current state and data management breach processes.

A study published earlier this year by the Transform Foundation found more than nine out of 10 charities specifically are concerned they will not be compliant with incoming regulations in time.

Surveying 179 charities and not-for-profits, the foundation found 83 per cent report their knowledge of the GDPR as 'patchy' or 'weak'. More than 46 per cent felt their chances of being ready in time for the May 2018 deadline were 50/50 or worse.

Over 93 per cent of respondents were uncertain they will be ready in time, while 68 per cent were anxious or uncertain about how they will handle the changes.

The GDPR are European Union regulations that aim to give the public more control over how charities and other organisations collect and use their data.

    Share Story:

Recent Stories


Charity Times video Q&A: In conversation with Hilda Hayo, CEO of Dementia UK
Charity Times editor, Lauren Weymouth, is joined by Dementia UK CEO, Hilda Hayo to discuss why the charity receives such high workplace satisfaction results, what a positive working culture looks like and the importance of lived experience among staff. The pair talk about challenges facing the charity, the impact felt by the pandemic and how it's striving to overcome obstacles and continue to be a highly impactful organisation for anybody affected by dementia.
Charity Times Awards 2023

Mitigating risk and reducing claims
The cost-of-living crisis is impacting charities in a number of ways, including the risks they take. Endsleigh Insurance’s* senior risk management consultant Scott Crichton joins Charity Times to discuss the ramifications of prioritising certain types of risk over others, the financial implications risk can have if not managed properly, and tips for charities to help manage those risks.

* Coming soon… Howden, the new name for Endsleigh.