The Regulation, due to be discussed again by the EU Commission, European Parliament and the Council of the EU on June 24, is predicted to be ratified in the next 12 months and in place during 2017.
It will bring with it huge fines for data breaches, sweeping changes for every company that handles the personal data of European
citizens and new rights for data subjects to call for information held about them to be edited or deleted.
But The Crown Records Management/Censuswide Survey of IT decision makers at UK companies with more than 200 employees, undertaken in April 2015, revealed some shocking results: almost one third of IT decision makers in the insurance sector are totally unware of the changes – the worst across all sectors, while 32% will wait for the final details of the Regulation before taking any action at all.
John Culkin, Director of Information Management at Crown Records Management said:
“These results shows UK businesses, and particularly those in the insurance industry, are worryingly uniformed when it comes to preparing for the EU General Data Protection Regulation.
“But the important question is not just whether businesses are worried or not, but whether they are being proactive and taking early action to prepare.”
The good news for the insurance industry, however, is that when it comes to preparing for the new Regulation, those who are aware of the changes are actually some of the most proactive in the UK.
The survey results also revealed that 60% of respondents in the insurance sector are reviewing policies in preparation for the EU General Data Protection Regulation. This compares to just 39 per cent of those in facilities management.
52% in the insurance sector are planning a staff training programme (compared to only 33 per cent in the pharmaceutical industry), while not a single person stated they ‘don’t plan to do anything’ to prepare for the new Regulation. Seven per cent in the banking and accountancy sector agreed with that answer.
Culkin added: “It’s a big concern that a third of businesses in the insurance sector are unaware of the big changes ahead; but very encouraging to see that staff training is being taken seriously by those in the know. Especially when you consider 80 per cent of data breaches stem from human error.
“There also seems to be an acceptance that information policies will need to be reviewed; and that’s important. Our advice is that waiting too long to undertake an information audit and make positive changes could be a very dangerous game.”
|