GDPR guide for SMEs – everything a small business needs to know


Hiscox banner shape mask mobile Hiscox banner shape
November 3rd, 2017
Stephen Ridley

Stephen Ridley is Lead Cyber Underwriter and Product Head for cyber and data risks at Hiscox UK and Ireland.

As a small business you may have heard of GDPR but what exactly do you need to do to prepare? Stephen Ridley, Product Head for cyber and data risks, Hiscox UK and Ireland, introduces our GDPR guide…
Man Checking Tax Receipts at Laptop

We are now less than 7 months away from the European General Data Protection Regulation (GDPR) coming in to force, yet a recent YouGov survey found that only 22% of small businesses have started taking steps to prepare themselves for the changes that this law will bring.

From speaking to companies about these changes, it has become clear that there is uncertainty about what the key parts of GDPR are, whether it applies to small business, and where efforts should be prioritised.

When the full content of the GDPR was agreed in May 2016, we worked with law firm Pinsent Masons (external link) to pull together a list of 11 tips to prepare for these changes.

We have now put our heads back together to produce a more comprehensive GDPR guide for small businesses to demystify the regulation, and cut through much of the noise and fear, uncertainty and doubt (FUD) that exists around this topic.

In this guide, we answer the following questions:

  • What is the GDPR and how does it apply to you?
  • What do you, as a small business, need to do to be compliant with GDPR?
  • What if you have a data breach under the GDPR regulations?
  • What are the consequences of failing to comply with GDPR?
  • Where can SMEs get additional information/support?

Even if you haven’t started the process of getting compliant, there’s still time; some simple steps can get you the majority of the way there.

To find out how, read our guide to GDPR for SMEs