Four in five people who work in the finance sector are ready to ask for their personal data be edited or deleted once the General Data Protection Regulation (GDPR) comes into force, a survey has revealed.
The regulation, which arrives on May 25, will give all EU citizens greater rights over their personal data. This includes a right to ask for their data to be edited or deleted—as part of a so-called ‘right to be forgotten’ or ‘right to erasure’.
Now businesses are bracing themselves for exactly what this means and how much it will cost them.
A survey by Crown Records Management, global information management experts, has revealed some stunning results when it comes to how many people could ask for their data to be removed or altered. And it seems those in the finance sector will be amongst the most determined to protect their data.
The results, after more than 2,000 people across the UK were polled, revealed:
- An incredible 79 % of those in the finance sector said they may ask for their data to be edited or deleted after May 25—with 30 % saying they would definitely do so
- This was higher than most sectors—in HR the figures were 65% and 26 %
- Across all sectors, 71 % said they would (either definitely or possibly) ask a company to edit or delete their data when the new regulation comes into force. In an adult UK population of 52.6mn this could result in an incredible 37.3mn requests
- Only eight percent across all sectors gave a straight ‘no’ when asked if they would want data edited or deleted
- More than half of directors across all sectors said they would definitely ask for their personal data to be changed or removed
David Fathers, Regional General Manager at Crown Records Management said: “We were all aware that the public is increasingly interested in how their personal data is used and increasingly aware of its value and the dangers of its misuse.
“But for so many people to indicate they will ask for data to be edited or deleted will come as a shock to many businesses.
“The figures in the finance sector are predictably high and perhaps shows how aware people in that profession, who handle financial data all the time, are about the value and risks of personal data in the modern world.
“The bottom line is that there could be a big challenge ahead for UK businesses. Even if only the 25 per cent of the UK public who answered ‘definitely’ follow through with that intention then we could be looking at more than 16 million requests – which is an eye-watering figure.”
The type of data those in the finance sector will want edited or deleted was interesting, too.
Data held for financial, banking and credit card information came out top on 66%, followed by 63% for information held for marketing and mailing list.
“These are the types of data which those in finance will very familiar with,” said David Fathers. “So it isn’t a big surprise.
“But the list also includes basic personal information on 60%– and 59% for performance history at work, one of the highest figures in that category.
“This shows just how many types of personal data are under discussion here. Few businesses will be unaffected.
“Companies should already know what data they have, where it is, how it can be accessed and how it can be edited – but the GDPR regulations will make this mandatory. A full data audit now before the regulation comes in is the very minimum required to start the preparation process.
“There are also significant budget implications to consider if they are going to cope with the volume of requests which come their way.”