During the inquiry, SecureData commissioned a Vanson Bourne survey of 100 senior IT managers in large UK enterprises (more than 1,000 employees) across the financial services, manufacturing, retail, distribution/transport and other commercial sectors.
Results showed that a high proportion of senior IT managers (94 per cent) have some level of responsibility regarding compliance.
Key findings include:
- 72 per cent of respondents from the largest businesses (3,000 employees+) said the draft data protection rules would cost their business more
- Limited agreement (64 per cent and 58 per cent) that the proposed regulations would improve business security processes and consumer data protection
- 40 per cent think the proposed 24-hour deadline for notifying individuals of a data breach would advertise security weaknesses before an appropriate security review could be completed
- 36 per cent fear "false alarms" from pressures to notify of data breaches quickly to avoid fines
- 26 per cent envisage their enterprise outsourcing the new data protection officer job role requirement
Carl Shallow, head of compliance at SecureData, comments: “Consumers may have a right to be forgotten, but hard-working growth businesses have a right to be remembered. The new internet economy is vital to Europe’s economic recovery and the need for increased data protection must be finely balanced with freedoms for technological and business model innovation. Fears overs unintended collateral damage from this legislation clearly need to be reviewed.
“Across the enterprise questions must be asked about exactly what is sensitive data and where does it reside. There is frequently an abundance of ‘lost’ unstructured data siloed across the largest organisations’ IT estates. The new act is an ideal opportunity to review data governance procedures and management solutions.”
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.