Survey says 79 per cent in the sector intend to take advantage of new ‘right to erasure’
Four in five people who work in the finance sector are ready to ask for their personal data be edited or deleted once the General Data Protection Regulation (GDPR) comes into force, a survey has revealed.
The regulation, which arrives on May 25, will give all EU citizens greater rights over their personal data.
This includes a right to ask for their data to be edited or deleted – as part of a so-called ‘right to be forgotten’ or ‘right to erasure’.
Now businesses are bracing themselves for exactly what this means and how much it will cost them.
A survey by Crown Records Management, global information management experts, has revealed some stunning results when it comes to how many people could ask for their data to be removed or altered. And it seems those in the finance sector will be amongst the most determined to protect their data.
The results, after more than 2,000 people across the UK were polled, revealed:
- An incredible 79 per cent of those in the finance sector said they may ask for their data to be edited or deleted after May 25 – with 30 per cent saying they would definitely do so.
- This was higher than most sectors – in HR the figures were 65 and 26 per cent.
- Across all sectors, 71 per cent said they would (either definitely or possibly) ask a company to edit or delete their data when the new regulation comes into force. In an adult UK population of 52.6 million this could result in an incredible 37.3 million requests.
- Only 8 per cent across all sectors gave a straight ‘no’ when asked if they would want data edited or deleted.
- More than half of directors across all sectors said they would definitely ask for their personal data to be changed or removed.
David Fathers, Regional Manager at Crown Records Management said: “We were all aware that the public is increasingly interested in how their personal data is used and increasingly aware of its value and the dangers of its misuse.
“But for so many people to indicate they will ask for data to be edited or deleted will come as a shock to many businesses.
“The figures in the finance sector are predictably high and perhaps shows how aware people in that profession, who handle financial data all the time, are about the value and risks of personal data in the modern world.
“The bottom line is that there could be a big challenge ahead for UK businesses. Even if only the 25 per cent of the UK public who answered ‘definitely’ follow through with that intention then we could be looking at more than 16 million requests – which is an eye-watering figure.”
The type of data those in the finance sector will want edited or deleted was interesting, too.
Data held for financial, banking and credit card information came out top on 66 per cent, followed by 63 per cent for information held for marketing and mailing list.
“These are the types of data which those in finance will very familiar with,” said David Fathers. “So it isn’t a big surprise.
“But the list also includes basic personal information on 60 per cent – and 59 per cent for performance history at work, one of the highest figures in that category.
“This shows just how many types of personal data are under discussion here. Few businesses will be unaffected.
“Companies should already know what data they have, where it is, how it can be accessed and how it can be edited – but the GDPR regulations will make this mandatory. A full data audit now before the regulation comes in is the very minimum required to start the preparation process.
“There are also significant budget implications to consider if they are going to cope with the volume of requests which come their way.”