The enforcement date for the General Data Protection Regulation is looming ever closer. With all the build up and planning, is everyone ready? According to one government survey (released January 2018), 38% of businesses and 44% of charities say they have heard of the GDPR. Of those that are aware of it, only around a quarter of them have made changes to their operations. Creating or changing policies was the most common cyber security change recorded. The information also suggests that larger businesses and charities have greater awareness of the GDPR.

The overall awareness five months ahead of the GDPR was surprisingly low, which isn’t a good sign. It is less surprising that larger organisations have greater awareness, and most likely have larger legal and compliance teams on the case. It should be noted that when things go wrong, it’s usually the largest companies making the headlines (the current Facebook incident is an example) but this doesn’t mean that smaller organisations should assume they will fly under radar.