Four in five IT managers in Europe are unaware of upcoming EU data protection regulation changes, according to new research.
Conducted by data recovery firms Kroll Ontrack and Blancco, the study also found three out of five IT managers admit that their organisations have not taken steps to become EU General Data Protection Regulation (GDPR) compliant.
Furthermore, 55% of participants said they have not reviewed and adapted data destruction policies, while 25% did not have a process in place for data destruction at all.
The GDPR is intended to unify data protection laws to meet the challenges presented by the digital age and strengthen the protection of online personal data.
Once it becomes law, all businesses handling EU residents’ data will be required to delete personal information on request or when it is no longer required by the organisation.
GDPR also aims to encourage the use of auditable deletion procedures for companies processing personal data.
Although most participants in the Kroll Ontrack/Blancco study admitted they were unprepared for the new regulation, 57% of the 660 IT managers surveyed believed the new laws would directly affect them.
The firms responsible for the research urge businesses to remember they face significant fines for non-compliance - €250,000 (£197,000) or 0.5% of annual turnover for less serious breaches and up to €100m (£79m) or 5% of annual turnover for serious infractions.
“Organisations still have a great deal of work to do to ensure they comply with the data protection guidelines of the new GDPR regulation,” claimed Kroll Ontrack programme and operations manager Paul le Messurier.
“Any business holding personal data on EU residents, be it online or offline, will have to abide by the new rules,” he added.