Latest News

What GDPR? Over a third of UK workers have made no changes when handling sensitive data

New survey findings released today reveal that one year since the introduction of stringent GDPR rules, over a third (34.5 per cent) of British workers admit they still haven’t changed the way they handle sensitive data, despite 84 per cent saying that they know what their data protection compliance responsibilities are.

The survey of 1,000 full-time UK employees by insider threat management platform ObserveIT reveals that despite some employee complacency, the new rules have impacted on day-to-day work processes, with 83 per cent of respondents confirming that their employers have adopted new data security policies and technology solutions over the past year.

Insiders – employees, partners and contractors – can be an organisation’s strongest defence or weakest link for protecting sensitive information, depending on their levels of knowledge. continued training and support, so the report’s findings give rise for concern:

  • Over a third (34.5%) of British workers say they are not handling data any differently since the introduction of GDPR
  • Almost a third (27%) of British workers believe they never handle valuable customer or sensitive/proprietary data at all
  • Only 22 per cent believe their personal information is safer with third-parties because of new regulations
  • Just half of UK organisations recognise that a mix of technology, security training and technology usage policies must be used to combat data breaches.

Employees in the United States were also polled to establish a comparison between the two markets. Key differences highlighted are that:

  • In the U.S, one-third of respondents say they aren’t aware of any privacy policies their organisation abides by, while in the UK only 17 per cent of people say they are unaware of privacy laws that affect their employer
  • 44 per cent of U.S. employees aren’t very confident their organisation is taking the proper steps to protect their own personal information, compared to 61% in the UK who are confident
  • 67 per cent of employees in the UK feel they have ample training to ensure that customer data is protected in line with new regulations versus 47% of employees in the U.S.

“Privacy regulations aren’t going away any time soon. In fact, over the next several years, we’ll likely see more regional policies go into effect as consumers demand more transparency around how their information is being used,” said Mike McKee, CEO of ObserveIT. “We’re committed to helping organisations navigate this privacy-centric business environment by providing deep understanding of user activity and tools to support employee behaviour change – ensuring the information of their customers and employees remains secure.”