GDPR came into force in 2018 in what felt like an overnight change of data protection regulation. The European Commission, however, brought up the need for regulatory changes in data protection (last updated in 1995) as early as 2012 and GDPR was adopted in 2016, leaving companies 2 years to prepare for its enforcement.

Yet here we are, in 2022, after a pandemic and so many significant changes, still discussing the numerous problems arising from GDPR implementation. It is no surprise, that those hit the hardest by the changes in data protection have been small and medium-sized businesses and organisations. Where big corporates have been able to create departments and new roles to ensure compliance, SMEs and almost any other type of organisation, from charities to volunteer bodies and various types of small associations, clubs and schools have had little to know resources in order to fully comply.

The main problems are quite obvious and systemic: GDPR is a legal matter.

It has 99 articles with legal texts that require expertise and specialisation. Needless to say, full compliance with data protection is largely dependent on any given organisation’s financial capabilities. The result is that too many businesses and organisations are effectively playing it by ear, and with good reason. Staff awareness of data protection and customer rights is often limited, if not completely absent. Consultants can be costly, especially for SMEs that are so often in firefighting mode. In the end, it all depends on dissemination and access to information. But how many business owners will spend hours on YouTube watching tutorials or googling information on legal documents and business policies?

From GDPR to ESG

How is this relevant to ESG, you may be wondering. GDPR showed how big the gap between regulation and implementation can be, especially when the information available isn’t disseminated widely. During the pandemic ESG and sustainability became increasingly important reaching a peak of interest in November 2021 with COP26 —indeed it has been perhaps the first time, the world has really paid attention to Climate Change and the need for immediate action beyond the individual and awareness level.

In corporate terms and especially in the financial industry, ESG has been the centre of attention for a while now. Although regulation is not universal and all-encompassing yet, it is only a matter of time before it swallows up small businesses and organisations in a new, GDPR-like headache that has to be solved overnight with scarce resources and little information.

Eevery prepares you for ESG regulation

The idea behind Eevery has all along been one of proactivity. We started building our platform in order to inform and motivate SMEs to calibrate with globally accepted standards (like GRI and the UN’s SDGs) and help them win more business along the way, whilst avoiding re-allocation of resources, which can be necessary in other areas of the business.

Changing the greater picture

Much like GDPR, when it comes to the new regulation, it’s quite often that we don’t think of problems and challenges smaller businesses face, in the way we think about corporates. But when it comes to sustainability, in the same way, we need to recognise individual responsibility, we also need to account for every level of the economy. SMEs are the backbone of the global economy. Even though owners may have an understanding of their business as a small unit, a tiny piece of a much much bigger puzzle, it’s important to help see and understand the picture that puzzle puts together. Like on the individual level, saving water might not make such a big difference, but collectively our actions accumulate and contribute towards significant change —for ourselves and our surroundings.

Subscribe now and read the latest news around ESG and sustainability for small and medium size businesses.

Subscribe