THE prospect of Brexit may have led businesses to ignore new European data protection laws which will seriously affect them, a company boss says.

Matt Horan, of Poole-based C3IA solutions, says some companies are “totally unaware” of new EU regulations – despite the prospect of fines worth up to four per cent of turnover.

The rules, which will effectively replace the Data Protection Act, are contained in the European General Data Protection Regulation (GDPR). Firms which breach it could be fined by up to four per cent of worldwide turnover or 20 million euros, whichever is the greater.

Mr Horan said the Brexit vote may have led some companies to assume the changes would not affect the UK.

In fact, every company in the world that holds the data of EU citizens must be compliant before the regulation comes into effect in a year’s time. Some will be required to appoint a data protection officer.

Mr Horan said: “We have found that some businesses are wholly unprepared for this regulation, as SMEs are with the Cyber Essentials certification that is becoming increasingly important.

“The regulation is being adopted into UK law and it will mean data protection rules across the EU will be standardised.

“Companies that meet certain criteria must appoint a data protection officer, and already our staff are preparing to fulfil this role for businesses which want to comply but don’t have the expertise.

“The EU GDPR is aimed at protecting EU citizens and will give them more control over their own data and make it easier for them to access.

“It will also make it easier for businesses to move data between EU countries because the laws will be identical.

“As well as large fines, the regulation includes notice of compensation to customers whose data has been lost, and companies that fail to report loss of data will also face fines.”

The European Commission estimates that the proposals will lead to a net reduction of £2billion in administrative burdens for EU businesses.

C3IA was set up in 2006 by Matt Horan and Keith Parsons and has 84 staff, of whom 33 are employees and 51 associates. It was the first cyber-security company to be certified by the government’s National Cyber Security Centre.