GDPR anniversary “highlights need for businesses to change attitudes towards data protection”

With the first anniversary of the General Data Protection Regulation (GDPR) now upon us, a prominent data expert is warning that companies need to change their attitude towards the legislation. Hellen Beveridge, privacy lead at Data Oversight, suggests that when it comes to the GDPR, rather than recognising practices, businesses need to change to meet required standards. Instead, organisations are frequently trying to mould legislation to fit into their existing processes.

Speaking about companies in the UK and their failure to fully embrace the GDPR, Beveridge said: “Organisations fall broadly into two camps: risk-averse and risk-tolerant. The former are working hard as they want to do the right thing by their customers and, more importantly, don’t want to fall foul of the GDPR. The latter, in return, are still waiting to see if any of their peers are caught out and then they might take action. Many companies in the UK are still just tickling the legislation at the edges. They haven’t invested in governance as a budget item and simply have their fingers crossed that they will not be caught out. This doesn’t just apply to SMEs, either. There are multi-million pound turnover businesses who simply haven’t grasped the nettle.”

When it comes to businesses implementing the GDPR more effectively, Beveridge believes Brexit could pose numerous challenges. “The Information Commissioner’s Office is the largest data protection authority in the world and was responsible for the bulk of the work on Binding Corporate Rules undertaken in the EU. Companies will now need to find another lead authority. Like countries outside of the EU at present, UK companies will need to comply with the individual laws of the 27 Member States, including the appointment of an EU representative.”

Beveridge was speaking about the first year of the GDPR and how Brexit will affect it ahead of her appearance at this year’s European Data Protection Summit, which takes place at 133 Houndsditch in London on Monday 3 June. The Summit is due to welcome over 700 attendees, feature over 50 industry expert speakers and over 30 exhibitors. Everything data protection, governance and security related will be discussed.

Speakers confirmed so far this year include Max Schrems (founder of noyb and a privacy activist), Steve Wright (Group DPO at the Bank of England), Nicola Roviaro (head of EMEA data privacy at Google), Tamara Ballard (data protection lawyer for Channel 4) and Sheila Fitzpatrick (president and founder of Fitzpatrick & Associates).

*For further information on the European Data Protection Summit visit

About the Author
Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK (Pro-Activ Publications) Beginning his career in professional journalism at The Builder Group in March 1992, Brian was appointed Editor of Security Management Today in November 2000 having spent eight years in engineering journalism across two titles: Building Services Journal and Light & Lighting. In 2005, Brian received the BSIA Chairman’s Award for Promoting The Security Industry and, a year later, the Skills for Security Special Award for an Outstanding Contribution to the Security Business Sector. In 2008, Brian was The Security Institute’s nomination for the Association of Security Consultants’ highly prestigious Imbert Prize and, in 2013, was a nominated finalist for the Institute's George van Schalkwyk Award. An Honorary Fellow of The Security Institute, Brian serves as a Judge for the BSIA’s Security Personnel of the Year Awards and the Securitas Good Customer Award. Between 2008 and 2014, Brian pioneered the use of digital media across the security sector, including webinars and Audio Shows. Brian’s actively involved in 50-plus security groups on LinkedIn and hosts the popular Risk UK Twitter site. Brian is a frequent speaker on the conference circuit. He has organised and chaired conference programmes for both IFSEC International and ASIS International and has been published in the national media. Brian was appointed Editor of Risk UK at Pro-Activ Publications in July 2014 and as Editor of The Paper (Pro-Activ Publications' dedicated business newspaper for security professionals) in September 2015. Brian was appointed Editor of Risk Xtra at Pro-Activ Publications in May 2018.

Related Posts