Despite potential fines of half a million pounds from the Information Commissioner's Office for failing to protect data and prevent leaks many firms think the penalties don't go far enough.
According to research from Sophos half of those quizzed thought the laws were too lax and 87% felt firms should be forced to reveal when sensitive data was leaked to the public.
But for those resellers rolling up their sleeves getting ready to steam in with a pitch about the need to be compliant there were indications that a more arm round the shoulder approach might be required.
Sophos discovered that a third of firms were worried about the complexity of compliance regulations and 16% had fears about the costs of getting on the right side of the law.
"The survey's findings revealed that while almost 40% of businesses were confident they complied with the legislation, more than half were unsure or concerned about whether they were compliant," said Ciaran Rafferty, VP of Sophos UK and Ireland.
H added that resellers should advise those businesses with concerns to Sophos would urge all businesses with concerns about the current UK legislation to offer their views to the Ministry of Justice, which is currently calling for opinions on if the legislation is working.
"Only with feedback from UK businesses can the MoJ properly assess whether the legislation needs further amendments," he said.