Pharmaceutical professionals across the UK are in danger of underestimating the huge changes that lie ahead in data protection – after a survey revealed almost a third aren’t even aware of the forthcoming European General Data Protection Regulation.
The Regulation, due to be discussed again by the EU Commission, European Parliament and the Council of the EU, is predicted to be ratified in the next twelve months and in place during 2017 – but when information management experts Crown Records Management commissioned a Censuswide Survey of IT decision makers at UK companies with more than 200 employees, to test how well prepared businesses are for the changes, it revealed 28% of IT decision makers in the pharmaceutical sector are totally unware of the changes – only the insurance sector came out worse.
In addition, almost one third say they are waiting for the final details of the Regulation before taking any action, and 33% say their company is looking a staff training to prepare for the new regulation – the lowest across all sectors. 6% are not planning to make any changes at all.
John Culkin, Director of Information Management at Crown Records Management, says, “These results shows UK businesses, and particularly those in the pharmaceutical industry, are worryingly uninformed when it comes to preparing for the EU General Data Protection Regulation.
“It’s a concern that a third of businesses in the pharmaceutical sector are unaware of the big changes ahead, but the important question is not just whether businesses are worried or not, but whether they are being proactive and taking early action to prepare for the Regulation.
“The results did show that more than half in the sector are planning to review information policies, and that’s important. Also 45% have already appointed a Data Protection Officer, which is likely to be compulsory for many companies in future, and that’s the best figure across all sectors.
“Overall, our advice is that companies should begin an information audit as soon as possible and make positive changes as early as possible. With big fines for data breaches in future and strict guidelines on how quickly breaches should be reported there is work to do for many businesses across all sectors.”