Posted on March 23, 2018 by staff

Size doesn’t matter – GDPR applies to every business


The General Data Protection Regulation has been described as the most significant overhaul in data protection in a generation.

Statistics suggest that the majority of organisations are still not prepared despite the prospect of irreparable reputational damage and being fined €20m or four per cent of worldwide annual turnover if they do not comply.

Mark Shaw is senior project manager at HR and software company Cascade, whose clients range from smaller SMEs to organisations with up to 10,000 staff.

He says GDPR applies to every business that processes or stores the personal data of EU citizens, so a company’s size should not affect its approach.

“It’s less about the size of the company and more about what activities your business is involved in.

“If you’re a business that is a public authority, or you’re involved in regular, systematic monitoring of data subjects or if you’re processing a large amount of sensitive, personal data then your approach would differ because you’ll need a data protection officer.”

Cloud hosting firm UKFast is providing free GDPR pocket guides containing valuable resources and guides from industry experts to help support businesses. Request your free copy here.