Businesses need to take the threat of ID fraud more seriously and improve means to stop scammers according to research commissioned by PHS Datashred.
The research found almost half of the 158 companies surveyed do not have a dedicated data protection manager, despite 94% being worried about the threat of ID fraud.
Each year, identity fraud in the UK costs more than £2.7bn and affects over 1.8 million people, according to recent figures from the National Fraud Authority.
Nearly half of all businesses are still shredding paper in-house, while 31% of businesses are unaware the Information Commissioner's Office has the power to fine them for data breaches. Just 13% of businesses realised the penalty for a data breach could cost up to £500,000.
Anthony Pearlgood, managing director at PHS Datashred, said: "There's a huge gulf between being aware of ID fraud and putting measures in place to combat it. 2014 is the year this must change and companies must start taking data protection issues more seriously.
"Businesses face fines of up to £500,000 if they don't comply with secure data destruction polices, especially with the proposed introduction of new EU regulations. It's clear too many companies are exposing themselves to theft, hacking, data breaches and spying by competitors."
PHS Datashred has created seven tops tips to prevent data leaks:
1. Create a confidential data policy
2. Store & dispose of data safely
3. Destroy data properly
4. Check identities- use credit reference agencies to verify the identities
5. Secure your accounts
6. Inform & train staff on how to deal with confidential data properly
7. Beware of carrying large amounts of confidential data on unencrypted tablets, laptops, data sticks or mobile phones.