Almost a quarter of UK businesses have recruited to deal with GDPR – but hundreds of thousands of businesses are still in the dark, research finds

Learning provider Litmos Heroes discovers that almost a third of UK businesses have done nothing to meet the new EU regulations, which come into force in May 2018


But almost a quarter have brought in a new employee to make sure they comply


Worryingly, ten per cent plan to do nothing about the regulation despite the threat of fines of up to 20 million Euros


Almost a quarter of UK businesses say they have brought in a new employee specifically to make sure they comply with new EU General Data Protection Regulation (GDPR), a study from leading learning provider Litmos Heroes has found.



With the threat of fines of up to 20 million Euros looming and less than eight months to go until the wide-ranging new EU regulations come into force, the research discovered that 22 per cent deemed it so important they have recruited new staff to tackle the changes.


In stark contrast, 11 per cent of the 500 UK business owners and decision makers that took part in the survey admitted they don’t know which team member would handle the responsibility of making sure the business was GDPR-ready.


And 60 per cent admitted that they don’t have a plan in place to ensure current staff are trained and know what is expected of them after the May 25, 2018, deadline.


The study also found that almost 30 per cent of UK business decision makers are totally in the dark about the law changes.


More than 30 per cent said they have done nothing at all towards becoming GDPR-ready – and ten per cent said they don’t plan to.


The research, which was carried out to mark the launch of Litmos Heroes’ new GDPR course for global businesses and SMEs, also found that nine out of ten admitted that if the regulation was introduced tomorrow, they wouldn’t be ready.


Tom Moore, Managing Director of Litmos Heroes, said that now was the time for businesses to act.


“Our study has painted a really interesting picture of how seriously some UK businesses are taking GDPR and it’s good to see that around a quarter of businesses have recruited new talent to tackle the GDPR changes head on,” 



“However, the findings also raise a number of concerns and it seems that some businesses need to be reminded that the new regulation is coming, and that if they handle the data of any EU citizen – Brexit or no Brexit – it will apply to them.


“Around a quarter of the people included in our survey said they didn’t think GDPR would be strictly enforced, but come May 2018 they still need to be ready, because this is going to be enforced whether we like it or not.”


“It’s this stark picture – and the worrying lack of knowledge and general awareness about GDPR – that has encouraged our team to produce a need-to-know video training module to help businesses and leaders get GDPR-ready.”


The GDPR was adopted into law by the EU Parliament in April 2016 and, from May 25, 2018, it will apply to all companies processing and holding the personal data of people who live in the EU, regardless of where the business is located.


It was designed to make sure that data privacy was standardised across Europe, to protect citizens’ data privacy and to reshape the way that businesses right across the region think about and implement data privacy.


The penalties for failing to comply are potentially huge. Organisations that fail to meet the regulation can be fined up to four per cent of their annual global turnover, up to a maximum of 20 million Euros.


The findings of the Litmos Heroes survey also revealed that six per cent of businesses don’t currently comply with current data protection laws and ten per cent are fully aware that their own online safeguards are not sufficient to protect customers from cyber-crime.


Regionally, businesses in the South East were found to be the least aware of GDPR, with over 44 per cent admitting to knowing nothing. Almost 40 per cent of businesses in the East of England and Yorkshire also confessed to knowing nothing.


Businesses in London were found to be the most clued up on GDPR with just 16 per cent saying they had never heard of it.


Businesses focused on IT services topped the sector specific list with just 11 per cent saying they hadn’t heard of GDPR. But among the travel and tourism firms, almost half (46.2 per cent) said they were in the dark.


Litmos Heroes is saving the world from boring learning with an ever-growing library of hundreds of exciting and engaging learning modules and thousands of blended learning resources.


For more information on the range of course available or to request a free trial, visit

Author: Editorial Team

Share This Post On