Only half of UK businesses are fully complying with all data privacy regulations and industry guidelines - an improvement, but not much of one.
Research from Zoho Digital found that the figure has risen from 2023's 42%, but that many businesses still need to improve their data practices.
On the plus side, transparency of data practices emerged as a growing strength, with 50% of respondents saying that their data privacy policies are clear, simple, and transparent, up from just 33% in 2023.
"According to Zoho’s Digital Health survey, businesses must improve transparency around data usage as a clear step toward ethical behaviour," said Sachin Agrawal, Zoho managing director.
“This will play an important role in improving customer experience, strengthening customer relationships."
The survey revealed that 47% of businesses now view data privacy as a critical part of their success, and that 46% conduct regular data privacy training for employees.
However, it also identified serious gaps where businesses are falling behind. Only three-in-ten businesses reported going beyond requirements to provide additional protection for customer and employee data.
This, Zoho noted, suggests that while businesses are meeting their compliance requirements, few are taking proactive steps to enhance data protection.
"In an increasingly data-driven world, organisations must prioritize data privacy throughout their operations. It is encouraging to see the growing recognition of data privacy’s role in driving business policies, but there is still a lot of progress to be made," said Agrawal.
"To unlock the full transformative potential of technologies like AI, businesses must have clear and well-defined data strategies which both protect customer and employee data but enable flexibility of use in the right way."
The report comes hot on the heels of research from ISACA, which found only a third of data privacy professionals are confident in their organization’s ability to safeguard sensitive data, and just a quarter follow Privacy by Design best practices.
RELATED WHITEPAPER
Their teams underfunded, they said, and more than half told ISACA they expect budgets to decline this year.
ISACA warned that many organizations risk falling foul of GDPR and new legal frameworks such as the Digital Services Act and EU AI Act.
Recently, Charlie Bromley-Griffiths, senior legal counsel at legal document management software form Conga, told ITPro that UK businesses had made substantial strides in aligning with privacy legislation.
"Companies have implemented stronger data governance policies, enhanced security protocols and prioritized the rights of data subjects," she said. "However, challenges still remain, particularly for small and medium-sized enterprises struggling with the complexity and cost of full compliance."
-
What AI models are best for vibe coding?News Vibe coding had become the latest big trend in software development, but research shows this can yield decidedly insecure code.
-
Healthcare organizations are turning a blind eye to phishing attacksNews A survey reveals that most attacks go unreported, putting patient data at risk
-
NHS supplier hit with £3m fine for security failings that led to attackNews Advanced Computer Software Group lacked MFA, comprehensive vulnerability scanning and proper patch management
-
‘It’s your worst nightmare’: A batch of €5 hard drives found at a flea market held 15GB of Dutch medical records – and experts warn it could’ve caused a disastrous data breachNews Robert Polet made a startling discovery after finding hard drives on sale for €5 each in a flea market.
-
Unlock profitability with Cove Data ProtectionWhitepaper Agile risk management starts with a common language
-
GDPR fines might’ve dipped last year, but don’t get complacent – personal liability risks are risingNews A decrease in big GDPR fines doesn’t mean it’s plane sailing for enterprises in 2025
-
Data privacy professionals are severely underfunded – and it’s only going to get worseNews European data privacy professionals say they're short of cash, short of skilled staff, and stressed
-
Four years on, how's UK GDPR holding up?News While some SMBs are struggling, most have stepped up to the mark in terms of data governance policies
-
Where will AI take security, and are we ready?whitepaper Steer through the risks and capitalise on the benefits of AI in cyber security
-
Customer Stories - south west London integrated care board security assessment.whitepaper The rise in attacks has prompted trusts to check the health of their cyber security infrastructure and practices.
