UK businesses patchy at complying with data privacy rules
Companies need clear and well-defined data privacy strategies


Only half of UK businesses are fully complying with all data privacy regulations and industry guidelines - an improvement, but not much of one.
Research from Zoho Digital found that the figure has risen from 2023's 42%, but that many businesses still need to improve their data practices.
On the plus side, transparency of data practices emerged as a growing strength, with 50% of respondents saying that their data privacy policies are clear, simple, and transparent, up from just 33% in 2023.
"According to Zoho’s Digital Health survey, businesses must improve transparency around data usage as a clear step toward ethical behaviour," said Sachin Agrawal, Zoho managing director.
“This will play an important role in improving customer experience, strengthening customer relationships."
The survey revealed that 47% of businesses now view data privacy as a critical part of their success, and that 46% conduct regular data privacy training for employees.
However, it also identified serious gaps where businesses are falling behind. Only three-in-ten businesses reported going beyond requirements to provide additional protection for customer and employee data.
Get the ITPro daily newsletter
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
This, Zoho noted, suggests that while businesses are meeting their compliance requirements, few are taking proactive steps to enhance data protection.
"In an increasingly data-driven world, organisations must prioritize data privacy throughout their operations. It is encouraging to see the growing recognition of data privacy’s role in driving business policies, but there is still a lot of progress to be made," said Agrawal.
"To unlock the full transformative potential of technologies like AI, businesses must have clear and well-defined data strategies which both protect customer and employee data but enable flexibility of use in the right way."
The report comes hot on the heels of research from ISACA, which found only a third of data privacy professionals are confident in their organization’s ability to safeguard sensitive data, and just a quarter follow Privacy by Design best practices.
RELATED WHITEPAPER
Their teams underfunded, they said, and more than half told ISACA they expect budgets to decline this year.
ISACA warned that many organizations risk falling foul of GDPR and new legal frameworks such as the Digital Services Act and EU AI Act.
Recently, Charlie Bromley-Griffiths, senior legal counsel at legal document management software form Conga, told ITPro that UK businesses had made substantial strides in aligning with privacy legislation.
"Companies have implemented stronger data governance policies, enhanced security protocols and prioritized the rights of data subjects," she said. "However, challenges still remain, particularly for small and medium-sized enterprises struggling with the complexity and cost of full compliance."
Emma Woollacott is a freelance journalist writing for publications including the BBC, Private Eye, Forbes, Raconteur and specialist technology titles.
-
Security experts issue warning over the rise of 'gray bot' AI web scrapers
News While not malicious, the bots can overwhelm web applications in a way similar to bad actors
By Jane McCallion Published
-
Does speech recognition have a future in business tech?
Once a simple tool for dictation, speech recognition is being revolutionized by AI to improve customer experiences and drive inclusivity in the workforce
By Jonathan Weinberg Published
-
NHS supplier hit with £3m fine for security failings that led to attack
News Advanced Computer Software Group lacked MFA, comprehensive vulnerability scanning and proper patch management
By Emma Woollacott Published
-
‘It’s your worst nightmare’: A batch of €5 hard drives found at a flea market held 15GB of Dutch medical records – and experts warn it could’ve caused a disastrous data breach
News Robert Polet made a startling discovery after finding hard drives on sale for €5 each in a flea market.
By Solomon Klappholz Published
-
Unlock profitability with Cove Data Protection
Whitepaper Agile risk management starts with a common language
By ITPro Published
-
GDPR fines might’ve dipped last year, but don’t get complacent – personal liability risks are rising
News A decrease in big GDPR fines doesn’t mean it’s plane sailing for enterprises in 2025
By Emma Woollacott Published
-
Data privacy professionals are severely underfunded – and it’s only going to get worse
News European data privacy professionals say they're short of cash, short of skilled staff, and stressed
By Emma Woollacott Published
-
Four years on, how's UK GDPR holding up?
News While some SMBs are struggling, most have stepped up to the mark in terms of data governance policies
By Emma Woollacott Published
-
Where will AI take security, and are we ready?
whitepaper Steer through the risks and capitalise on the benefits of AI in cyber security
By ITPro Published
-
Customer Stories - south west London integrated care board security assessment.
whitepaper The rise in attacks has prompted trusts to check the health of their cyber security infrastructure and practices.
By ITPro Published