Out-Law / Your Daily Need-To-Know

Out-Law News 1 min. read

Businesses struggling with IT law compliance


British businesses are finding it hard to cope with the volume and complexity of rules and regulations governing the use of IT in the workplace, according to new research from internet solutions provider Star Internet.

In a survey of 300 company directors and senior IT decision makers in April and May this year, 72% of respondents said that compliance with IT regulation had become more of an issue in the last year. Eighty-six percent believed that the situation would get worse over the next 12 months.

The research suggests that while it is the IT Director or Manager that is primarily responsible within an organisation for compliance with IT legislation, they are only superficially aware of what the various Acts require.

According to Star Internet, while 84% of the respondents thought they had a "fair to good" understanding of the Data Protection Act, 40% admitted their understanding of the Regulation of Investigatory Powers Act was "poor", and a similar number said they had a minimal grasp of the EU Privacy and Electronic Communications Directive, which was incorporated into UK law last year.

An overwhelming 83% acknowledged that they had a "poor" understanding of US-led legislation such as the Sarbanes-Oxley Act – although such legislation has little impact on the vast majority of British businesses.

Although most respondents claim that their company has formal internal policies or procedures in place to aid compliance, such as data storage and internet usage policies, over a third still do not have such basic measures in place.

Although respondents seek information on IT compliance from a variety of sources, including in-house and external lawyers, and ISP suppliers, 27% claim not to have a primary source at all, said Star Internet.

According to Dan Scobie, Strategic Technology Officer with Star Internet:

"Businesses should be seeking help from their ISP suppliers to advise them not only about the potential pitfalls, but also what best practice they should be following. Suppliers simply cannot opt-out of this side of business life – and the ISP industry as a whole needs to recognise this. Firms should have a clear understanding of what an ISP should be delivering, what a company itself should be responsible for, and what best practice should be considered."

We are processing your request. \n Thank you for your patience. An error occurred. This could be due to inactivity on the page - please try again.