British businesses are spending an average of £1.3m to comply with the EU’s upcoming General Data Protection Regulation, new research has revealed.
The UK is only surpassed by Germany in terms of GDPR spending, according to an EfficientIP survey of 1,000 businesses with more than 1,000 employees. German firms are shelling out an average of £1.42m, the survey found.
The research also revealed that 74 per cent of UK businesses are confident they will comply with the regulation when it comes into effect in 100 days on 25 May. UK firms are the most confident of any in Europe, but North America’s are more confident still.
“Our research shows businesses have never been so close to regulatory compliance,” said Efficient IP’s Herve Dhelin. “There is still some work to do, but it is encouraging to see nearly three-quarters of businesses are ready.”
Elizabeth Denham, the UK’s information commissioner, has warned that many organisations will not be fully compliant when GDPR comes into effect.
But in a speech to public sector leaders earlier this month she said her office would treat firms fairly if they fall victim to a data breach and take measures to resolve it.
“I know that when 25 May dawns, there will be many organisations that are less than 100 per cent compliant,” she said. “But if you self-report a breach, engage with us to resolve issues, can demonstrate effective accountability arrangements, you will find us to be fair. Enforcement will be proportionate and, as it is now, a last resort.”