ICO launches GDPR helpline for vulnerable small and medium businesses

The Information Commissioner’s Office has launched a new helpline to help small and medium businesses adapt to the requirements of the upcoming data protection law.

Small and medium businesses in the UK are the most vulnerable to cyber crimes as they spend next to nothing on securing their systems or customer data.

Small and medium businesses have often been the weak link as far as the UK's fight against cyber crime is concerned. This is often due to lack of funds or poor understanding of the cyber threat among such business owners, and also the fact that the government has done little to help them secure their systems and customer data.

Last month, a survey conducted by Duo Security in partnership with YouGov revealed that while 30% of small businesses allocated less than 3% of their overall budgets on cyber security products and services, 45% of them were sure that they will never be targeted by cyber criminals. This was despite the fact that while only 18% of all businesses targeted by phishing attacks in 2011 were small businesses employing up to 250 people, the figure rose to 43% in 2015.

'It’s not just Fortune 500 companies and nation states at risk of having IP stolen–even the local laundry service is a target. In one example, an organization of 35 employees was the victim of a cyber-attack by a competitor," noted Symantec's Internet Security Threat Report published last year.

With the European General Data Protection Regulation (GDPR) as well as the UK's new Data Protection Law (which is based on the former) approaching, the Information Commissioner's Office has finally decided to act. The ICO has launched a new helpline to help small and medium businesses adapt to the requirements of the upcoming regulations.

'All organisations have to get ready for the new data protection rules, but we recognise that the 5.4 million small organisations in the UK face particular challenges,' said Elizabeth Denham, the Information Commissioner.

'Small organisations want to be ready when the new law comes into force in May 2018, but they often struggle to know where to start. They may have less time and money to invest in getting it right and are less likely to have compliance teams, data protection officers or legal experts to advise them what to do.

'Our new phone service and all the other resources already on our website plus even more advice and guidance yet to come will help steer small businesses through the new law,' she added.

If you are a small business owner and need to know mode about the GDPR and what it will entail, you need to dial 0303 123 1113 and select option 4. You can also visit the ICO's “12 steps to take now” graphic to learn more about how to prepare for the GDPR. The ICO has announced that it will further simplify the 12-point guide to help small and medium businesses in the coming days.

Aside from taking these steps, the ICO will also publish a Guide to the GDPR by the emd of the year which it says will expand 'the content of the current overview to make it a comprehensive guide along the same lines as the current Guide to Data Protection'.