GDPR Update: Is almost compliant is good enough?

According to a new study by Egress, only half of firms believe that they are fully compliant with GDPR, whilst the other half have taken a more laissez-faire approach to the legislation, believing that ‘almost’ compliant will do.

The study found that the majority of compliance effort was put in prior to GDPR being enforced, and significantly dropped off once the new data protection law was in place. The ICO’s delay in awarding fines has served to relax the attitudes of many organisations. Even the large fines recently dished out to BA and Marriott failed to rejuvenate a mass compliance effort, with only 6 per cent of UK organisations saying that the ICO’s decision resulted in them revisiting their GDPR observance.

According to an article in Decision Marketing  the greatest level of investment in the past 12 months has been made on implementing new processes to govern the handling of sensitive data, followed by the auditing of what data is collected and why. This is a positive news for the direct marketing sector as responsibility to data is now the single most important part of a below the line campaign. As a result we are seeing increased interest in data hygiene solutions that keep data as up to date as possible in as near to real time as possible. This is why Mortascreen is proving to be a successful GDPR compliance tool as the lag time between death and appearing on the file is minimal meaning that organisations can suppress the data of any of their customers that have sadly passed away within days; not months. Demonstrating commitment to the principles of Article 5 under GDPR.

The study found that the least investment went to providing GDPR training with just 7 per cent citing that as an important part of their compliance regime.

With a number of new initiatives in the pipeline such as GDPR certification taking a more relaxed approach to data protection is not a wise move. Whilst ICO is not currently focused on minor infringements, there will come a time when ‘almost’ is definitely not good enough. For further information on how Mortascreen can fit into your compliance effort please don’t hesitate to contact us.