European privacy laws meaningless for SMEs

Six out of ten SMEs say they are not up-to-date on the European privacy laws which will come into effect in 11 months time. Nor are they up-to-date on the enormous penalties for non-compliance. This according to research by MKB (SME) Servicedesk among 3200 companies. They say there is hardly any information by the government.

From 25 May next year the General Data Protection Regulation (GDPR) will replace the data protection directive. All European member states will have the same privacy regulations. “Companies have to start working on this. They need to know if and how they will be affected by this”, according to Willem Overbosch CEO of the online platform.

Penalties
Brussels has announced heavy fines for companies that do not comply with the law, of up to 20 million Euro for the larger companies or 4% of the worldwide turnover if that is more. Strict norms will be put into place for the storage and use of client data and companies will get a higher level of responsibility. “This will mean a number of technical, administrative and organisational measures” according to Overbosch. One out of every five SMEs has taken some measures or will do so shortly. Business consultancies and commerce appear to be the least informed about the new laws. 75% of companies of less than 6 employees were not at all aware of the new laws. Elsewhere in Europe it is the same. Research in Belgium showed that 84% of SMEs were unaware of the new privacy rules.

MKB Nederland
The research shows that the Autoriteit Persoonsgegevens – AP – (personal data authority) needs to do quite a bit of work, says MKB Nederland in response to the research. “Instead of focusing on the penalties which AP seems to do, it should put itself in the SME´s place finding a way in this complicated law. In the end we all want to comply to the new law.”