Survey finds only three in 10 electrotechnical businesses have stringent cyber security policy ahead of GDPR

New survey findings show that less than a third of electrotechnical and engineering services businesses (29 per cent) have a stringent cyber security policy in place, according to research conducted by ECA.

Despite the upcoming General Data Protection Regulation (GDPR) being widely publicised, it appears that many organisations in the sector are not yet prepared to meet its requirements. The survey shows that 53 per cent of companies still need help understanding the GDPR.

In addition, 38 per cent of businesses either do not comply, or don’t know if they comply, with the existing Data Protection Act (DPA).  Compliance with GDPR is likely to be more difficult for these companies.  Twenty-one per cent of respondents said they are not currently preparing for the GDPR, which comes into effect on 25 May 2018.

ECA Director of Business Paul Reeve commented: “Many companies may be shying away from engaging with GDPR because they believe it will be hard to comply. Our advice to is to review your current personal data systems and procedures as soon as possible, and take a practical view of what needs to be improved, and the priorities for action. In many cases, compliance with GDPR need not be difficult or expensive, but it does require serious attention.”

GDPR, a new European personal data protection law, will require all businesses to review their position in relation to the storage of personal data, and to improve their current Data Protection procedures.

ECA has produced practical online information to help its members with GDPR, including a ten-step guide to meeting GDPR requirements, which can be accessed via www.eca.co.uk/GDPR. Comprehensive and definitive guidelines and recommendations are also available from the Information Commissioner’s Office (ICO), here.