London Calling … U.K. Launches Cybersecurity Help Line for Small Businesses


Small businesses in the U.K. Nov. 1 will receive some help adapting to the biggest privacy regime change in two decades: the European Union General Data Protection Regulation (GDPR).

The U.K.’s privacy regulator, the Information Commissioner’s Office, is launching a phone service to provide advice to small businesses and charities on how to get ready for the GDPR, which enters into force May 25, 2018.

Helping small- and medium-sized businesses comply with privacy laws to protect the personal data of their customers and employees has been a focus for lawmakers around the world. Small companies have limited financial resources and often lack the technical sophistication to effectively protect data.

The GDPR, unlike some data privacy laws, doesn’t have a general exemption for small- or medium-sized businesses. However, the law takes into account the size of a company, and doesn’t apply obligations such as record keeping and hiring a data protection officer to smaller businesses. 

The ICO phone line isn’t the first small business GDPR preparation service that the U.K. regulator has offered. It has already released guidance documents aimed at small- and medium-sized organizations on IT security, training, and outsourcing.

“All organisations have to get ready for the new data protection rules, but we recognize that the 5.4 million small organization in the U.K. face particular challenges,” ICO Commissioner Elizabeth Denham said in a statement announcing the help line. 

The U.S. Small Business Administration and Congress have also made it a priority to provide cybersecurity assistance for small businesses. The SBA estimates that there are over 28 million small businesses—companies that employ less than 500 people—in the U.S. and that they employ about 50 percent of the U.S. workforce. The agency has recently been reaching out to local chambers of commerce, technology vendors, and banks that serve small businesses to raise awareness of the benefits of cybersecurity threat sharing.

The House Oct. 11 passed a bill that would provide cybersecurity guidance to the nation’s millions of small businesses, requiring the Department of Commerce’s National Institute of Standards and Technology to create small business cybersecurity voluntary guidelines. The Senate passed a similar bipartisan bill Sept. 28. 

Small organizations in the U.K. can dial the ICO helpline at 0303 123 1113, and select option 4 to reach support staff.

To keep up with the constantly evolving world of privacy and security sign up for the Bloomberg BNA Privacy and Security Update.