This week, a rather shocking report claimed that UK employees are more likely to be told off for failing to keep the workplace tidy than they are for breaching the GDPR.
86% of UK workers surveyed by office security firm Fellowes said that forgetting to do menial office tasks – like emptying the dishwasher or keeping their work area tidy – is more likely to get them into trouble than failing to meet the new General Data Protection Regulation.
The research, carried out in July this year, two months after the GDPR came into force, asked the views of over 1000 UK office workers.
It showed that 14% of workers have got into trouble for careless handling of confidential data, compared to the 17% who have been challenged over being late and missing deadlines, and the 25% who have been told off for failing to carry out office chores like emptying or loading the dishwasher.
GDPR compliance uneven
The rather casual approach to GDPR revealed by the survey is echoed by research carried out by data specialist Talend, quoted in an article by datanami.
The Talend research, carried out three months after the new legislation came into effect, showed that compliance is at best patchy.
It found that an estimated 70% of global companies have failed to comply with requests for personal data within the required one-month time period. Businesses within Europe are less proactive than those elsewhere – slightly ironically as it’s an EU regulation.
The worst offenders were retailers, with 76% failing to respond to individual requests for private data within 30 days. Although the financial sector performed better, still only about half managed to respond to data requests within one month.
The overall average response time was 21 days. The 22% of companies surveyed that responded within the GDPR time limit comprised streaming services, mobile banking and other technology vendors, leading Talend to comment that digital service companies seem to be ‘more agile when it comes to GDPR compliance’.
Data confidentiality an issue
Aside from meeting the required response times, confidentiality remains a challenge.
The Fellowes research found that there is still confusion around the correct disposal of documents, with business contracts, printed emails and handwritten notes among the items not being discarded correctly.
- 54 per cent of respondents said they had seen personal or confidential data they shouldn’t have
- 33 per cent of workers admit they have left confidential or personal data unattended
- 45 per cent have sent a confidential email to the wrong person
- 61 per cent have received an incorrect email from the wrong person
- 19 per cent have left a USB pen lying around somewhere
- 14 per cent have left confidential documents in public places
Familiarising yourself with the GDPR requirements
The two pieces of research show that GDPR compliance is still not being achieved consistently across UK organisations.
You need to understand the rules around handling of data and the requirements around letting your contacts know what data you hold, and how you use it.
If you need to refresh yourself on the detail of the regulation, you can read the ICO’s guidance on consent, and find out why some commentators believe GDPR is a bigger compliance challenge than MiFID II.
We share some helpful tips in our blog on how to avoid some potential GDPR pitfalls in your marketing, as well as specific advice on how to tackle GDPR requirements if you’re a regulated firm or small business.
A refresher on marketing compliance
The GDPR is just one element of the many and varied rules you need to follow as a marketer. If you want to refresh your knowledge of current regulations, you can download a free copy of our Marketing Guide to Compliance.
Nothing in this document should be treated as an authoritative statement of the law. Action should not be taken as a result of this document alone. We make no warranty and accept no responsibility for consequences arising from relying on this document.