A recent survey* among users of Intelliflo’s Intelligent Office (iO) shows the majority of advisers run the risk of not meeting the May 2018 deadline for being compliant with the General Data Protection Regulation (GDPR).
Two thirds (67%) say they don’t yet have a plan to ensure GDPR is fully implemented by the enforcement date of 25 May 2018, with almost one in ten (9%) saying they were not aware of the new regulation.
The survey also highlights confusion about the differences between the existing Data Protection Act and the new requirements under GDPR, with just three in 10 (30%) saying they understand the differences very well. Of the rest, around a third (31%) said they have a little understanding of the differences, with almost four out of 10 (39%) saying they don’t understand the differences well, or not at all.
Rob Walton, Chief Operating Officer at Intelliflo comments:
Although May might seem like a long way off, it’s actually very little time for advisers to start preparing for the enforcement date of GDPR. It’s not the case that if you are compliant with the current Data Protection Act, then there’s little to worry about. The new regulation is far more detailed, with new obligations and requirements and it’s essential that advisers can demonstrate that they have taken action to ensure they are fully meeting these. Personal data is the very essence of financial advice therefore GDPR could have a significant impact on most, if not all, firms. Our survey throws up some worrying results and I urge advisers to act now to get a firm grasp on what it means for them and their businesses.
Other findings of the survey show:
- Worryingly, three quarters (74%) of those surveyed are not concerned or don’t know about the impact GDPR will have on their businesses.
- Nine out of 10 (89%) currently store data that relates to clients they used to advise but no longer have a need to contact or have lost contact with for a number of years.
- Of those who store previous client data, 43% regard this data as being a valuable asset to their business.
- Only one in three (30%) say they have implemented security best practice and do not store paper based material containing personal client data at all (22%) or use secure third-party run facilities (8%).
- Almost half (49%) store client data in locked cupboards or drawers within their offices, with 17% storing them unlocked in their offices. 2% store material in locked out-buildings near to their office.
*Intelliflo surveyed 270 users of its iO software about GDPR between 21 August and 18 September 2017.