02 May 2018

Why Are So Many SMEs Neglecting Their Preparations for GDPR?

Here at GDPR Design, we are committed to helping smaller business meet the demands of The General Data Protection Regulation (GDPR) which comes into force on the 25th May 2018. Not only do we endeavour to take the headache out of GDPR, we believe that  despite the unnecessary scaremongering surrounding the advent of GDPR, the new regulation represents a huge opportunity for small and medium enterprises (SMEs).

The GDPR is set to replace the 1998 Data Protection Act, which has become outdated in our ever-digital world. The new data protection regulation focuses on processing of personal data, that is, any data that could be used to identify an individual (eg. names, addresses, email addresses, phone numbers, etc.). Businesses of all sizes will need to review how they collect, store and process personal data, and in some instances seek consent from individuals to do so

Though this may sound scary for smaller businesses and start-ups, avoiding potential penalties and complying with the new regulations will not be the only way that your organisation will benefit from GDPR compliance. When businesses structure personal data, it is easier and more useful to use. Clearer insights can drive better decision-making, enabling SMEs to focus on what matters – their customers and what they really want.

Despite that fact that GDPR puts tighter restrictions on the use of personal data, marketers should certainly not have their head in their hands. Figures from the Centre for Economics and Business Research strongly suggest that a more sophisticated and focused approach to marketing and marketing data could increase small business’ sales by around 10% – or £122bn per year in the UK! That is the equivalent of around £21k per SME, so there is a lot more to lose than penalty fees and your reputation when it comes to failure to comply with GDPR.  Yet, still:

  • 40% of small businesses have spent no time preparing
  • 50% will not be ready for the 25th May 2018
  • 73% have no documented evidence of compliance

So with so much to gain and, equally, so much to lose, why are so many UK businesses lagging behind when it comes to GDPR preparations?

SME Team discussing GDPR

A lack of understanding

The opportunities coming out of the GDPR are not well understood, with less than half of small businesses identifying any benefits from GDPR compliance.

When it comes to compliance, there’s no ‘one-size fits all’ approach; your business’ preparations will largely be dependent on your existing business structure. Many SMEs still do not fully understand – or are largely unaware of – what GDPR means for them, as a result they are left in the dark about how to prepare for it. Even though personal data sits at the very core of GDPR, 69% of small businesses are still unclear what it is.

Seemingly unaffordable solutions

For SME’s third-party GDPR tools and software can be a great way of making preparation quicker and easier, with understanding of the regulation ‘built in’ .

However many small business – particularly new enterprises and start-ups – are presented with multiple, unaffordable solutions. For small businesses, who spend less than £1,000 per annum on average on similar goods, softwares and services, an entry level GDPR solution can cost five  to ten times as much. That’s why GDPR Design has created DataCAT. Our compliance tracking software makes GDPR-compliance accessible for all businesses, regardless of size,

Time Constraints

GDPR preparations can be time consuming, with recent research indicating that small businesses are taking up to 80 days to complete arrangements.

Small business should consider the positives and see preparing for GDPR as an investment. The opportunities that bring you closer to your customers through better data and understanding will quickly help you transform compliance into competitive advantage. Additionally, utilising the best digital tools for your business to manage the process can make compliance a far easier, efficient task.

Last-Minute Panics

Despite Wetherspoons’ drastic decision to delete its entire customer email database, there is no need for your SME to start entirely from scratch. The ICO explains that the GDPR signals an evolution in how we handle data, but, many smaller businesses are unsure about where to start with GDPR preparations and fear they may incur penalties. The key is not to panic!

GDPR Design’s easy-to-use software means that compliance doesn’t have to be complicated or costly. Our team are passionate about helping small businesses comply with the GDPR and take advantage of the opportunities it presents. With support from GDPR Design’s expert team, your SME can easily save time, effort and money.

For more information, contact us today.