Business leaders are less confident about being ready for new GDPR regulations than they were eight months ago, as the deadline draws near.
A poll of 700 bosses by the Institute of Directors (IoD) reveals that six in ten company directors say they are confident their organisation will be "fully compliant" with the new GDPR data protection laws which come into force from 25 May.
However, many businesses are still not ready and the findings show that business leaders' confidence in their preparations has declined over the past eight months as the sheer scale of the regulations has become clear.
Many business leaders are also less sure about how the new rules will affect their firms, with around 40% reporting they are not confident or are unsure as to how GDPR will impact their company.
In August 2017, 43% of businesses polled by the IoD said they were "very confident" that they would be fully compliant by the deadline; in April this year, only 16% of directors had the same level of confidence.
Jamie Kerr, IoD head of external affairs, said: "GDPR has been a long time coming for businesses, but it is only proving more formidable as the deadline looms and companies drill down into the detail. The regulator has assured small businesses that there will be not be a sudden inquisition once the rules enter into effect, but with such large penalties for non-compliance, firms must assess what they have to do to avoid falling foul of the legislation, and they must do so soon."
Small businesses, in particular, are finding it difficult, said Kerr. "The overriding impulse amongst company directors now is simply to follow the rules. However, SMEs, who are facing a whole host of competing priorities and generally cannot rely upon dedicated compliance teams, are still finding it difficult to digest the sheer scale of the legal changes.
"The Government's immediate priority should be to ensure the ICO has the resources it needs to make a big final push to assist small businesses in the run-up to this month's deadline".