Four in 10 directors not “aware” of GDPR

Around four in 10 directors are not aware of how the General Data Protection Regulation (GDPR) will affect their business – amid warnings that organisations face massive fines if they fail to prepare.

The figures, published by the Institute of Directors (IoD), clearly show that businesses need further support before GDPR is introduced in May 2018.

Replacing the Data Protection Act, GDPR will enhance the protection and limit the use of consumer personal data, and brings with it heavy fines for those companies which flout the rules – up to 20 million euros for the biggest of businesses.

Jamie Kerr, head of external affairs at the Institute of Directors (IoD), said: “On the one hand a lot of people either don’t know about it, don’t understand or don’t know whether they’ll need to be compliant with it, and on the other hand those that do are setting in place the right structures to make sure they are.”

Mark Taylor, ICAEW technical manager, added: “Quite frankly I’m not surprised by the figures from the IoD.

“They’re in line with the conversations we’ve been having with members, the public and other professional bodies, so this is not unsurprising.”

Of those who were aware of GDPR, around 86 per cent were “very” or “somewhat confident” of being compliant by the 21 May 2018 deadline.

“I’m positive about the figures with regards the levels of businesses that feel confident that they’re going to become compliant,” added Mr Taylor.

“It shows that while not every director is necessarily aware, companies are making good progress towards becoming compliant – so that’s a useful statement in itself.”

Awards and Accreditations

Get in touch

Get in touch

If you would like to see full details of our data practices please visit our Privacy Policy and if you have any questions please email