With the deadline for the General Data Protection Regulation on May 25th nearing, a study by Ensighten has found that 45% of UK businesses expect to be fined for failure to be GDPR ready.
Given that GDPR is the most significant overhaul of data protection rules in years, it has long been recognised as a monumental task by many industry experts.
>See also: 5 things you can expect to happen after the GDPR deadline
The study which investigated UK marketers attitudes to data governance has found that some businesses have even gone as far as putting money aside to cover possible fines, while 61% of respondents would apply for an extension on the deadline if they had the choice.
Just 26% of UK marketers state they are “very confident” that their data governance procedures are robust enough to be deemed compliant. The majority of businesses are doubtful they’ll be compliant on time and to the right standard, in addition to 7% that admit to not having implemented any GDPR-related actions yet.
GDPR ready marketers
For marketers who are underway with GDPR preparations, 63% state they have new policies in place to increase the quality of data they will receive after 25th May. However, according to the survey most businesses are not thinking holistically and are exposing themselves to risk. Fewer than half (47%) of marketers are enforcing new policies on partner data acquisition, which may leave them exposed to GDPR non-compliance.
>See also: How to turn GDPR into an opportunity for your business
Ensighten’s study cites a lack of accountability within businesses to be central to this lack of preparedness, with many organisations having no clear consensus regarding who should be in charge of GDPR compliance.
The findings also suggest that while marketers are working to become GDPR compliant they are not educating their customers on why they need their data.
Ian Woolley, Chief Revenue Officer, at Ensighten commented: “Educating consumers on how their personal data is used and why their permission is needed is essential to building consumer trust and gaining their opt-in consent. GDPR is not just a legal hurdle to jump. Whilst brands are putting money aside for fines, they should not underestimate the damage to their reputation and business from not educating customers now.”