FSB Raises Concern Over Small Business Community’s Readiness for GDPR

With less than a month to go until the new data protection laws, commonly referred to as GDPR, come into force, research shows that many small businesses are still in the dark when it comes to the impact the changes will have on their business.

Research by the Federation of Small Businesses (FSB) found that around two thirds (68%) of small businesses had either not started or were only in the initial stages of GDPR preparation.

The FSB is warning that many small firms may not be compliant ahead of the May deadline and is calling on the Information Commissioners’ Office (ICO) to take an understanding approach to enforcement ensuring that small businesses have time to get GDPR ready.

The FSB National Chairman, Mike Cherry, said: “As the GDPR deadline swiftly approaches, there is a real danger that many small businesses are yet to have adequately prepared for the changes.  Fortunately, for these businesses, there is still time on the clock to start, or finish, their preparations.“The GDPR is the largest shake-up of data protection laws for years, and whether you are a personal trainer or a consultant, most businesses will have to implement changes to their current practices to make sure they are complying with the new rules.

“Given the extent and the breadth of the changes, it is clear that a majority of small businesses will not be fully compliant before May 25 and will most likely not be compliant when the changes hit. With this in mind, it is critical that the ICO manages non-compliance in a light touch manner with the focus being on education and support, not punishment.”

Mike Cherry, said: “As we move closer to the 25th May, we can expect a rush of smaller businesses approaching the ICO for support and advice. When this hits, all eyes will be on the ICO and whether or not they have the ability and resources to effectively deal with these enquiries. We cannot have a situation where businesses are taking time out of their busy day to get GDPR compliant and are left hanging on the line.”

Speaking on Radio 4 the ICO confirmed that their approach will be one of support in the early days, particularly in relation to smaller businesses who can demonstrate they have tried to be compliant, even if they have actually misunderstood the implications of the changes on their business.  Advice will be issued rather than fines in the first instance, with time allowed for businesses to become compliant.


The ICO’s website contains lots of advice and guidance for businesses of all sizes and types on managing the transition and becoming compliant – click here to visit the ICO today.

This entry was posted in SME News, Uncategorized. Bookmark the permalink.

Comments are closed.