UK Launches Helpline To Aid SMB Compliance With Upcoming Data Security Law

The U.K. wants to help small and medium-sized businesses (SMBs) adhere to the new European Union’s General Data Protection Regulation (GDPR). The regulation comes into effect next May, and the country is deploying a helpline service as part of its effort.

The U.K.’s Information Commissioner’s Office (ICO) said it launched a small business phone service this week to provide advice and guidance to SMBs on how to get ready for the new GDPR regulations, laws aimed at protecting customer and employee data.

“Small companies have limited financial resources and often lack the technical sophistication to effectively protect data,” wrote Bloomberg BNA in its coverage of the helpline.

“All organizations have to get ready for the new data protection rules, but we recognize that the 5.4 million small organizations in the U.K. face particular challenges,” said ICO commissioner Elizabeth Denham in a statement.

The publication highlighted a similar focus on data protection by U.S. policymakers, initiatives that have implications for small businesses. The U.S. Small Business Administration (SBA) is reportedly working with local chambers of commerce, banks and technology companies to increase awareness of cybersecurity and data protection in the SMB community, reports said.

Meanwhile, the House of Representatives passed a bill last month providing cybersecurity guidance to U.S.-based SMBs. The legislation requires the Department of Commerce’s National Institute of Standards and Technology (NIST) to lay out a framework small businesses can voluntarily follow to protect employee and customer data.

A survey released in September by Australian accounting software and business solutions provider MYOB found 87 percent of small businesses consider themselves protected from a cyberattack, yet 38 percent admitted they do not have cybersecurity expertise to adequately address threats. While 79 percent of SMBs say they know no one is safe from a cyberattack, nearly one-third said they feel they do not need to improve cybersecurity measures because they don’t have a strong online presence.