A recent survey carried out by IT security specialists HyTrust has revealed some troubling news coming from the US is that almost 80% of the companies that participated are not ready for the introduction of the General Data Protection Regulation (GDPR) on May 25 2018.
The 323 companies questioned were all talking about their Cloud Infrastructure, a critical service when it comes to the security of personal data.
Potentially, the most worrying figure to come from the survey was that 52% of respondents said that the organisation they represented was not concerned about GDPR, or did not think it would impact them. This may be due to the commonly-held misconception that GDPR only impacts firms or organisations that are located within the European Union. The reality is that the GDPR will have worldwide ramifications as it applies to any company that manages the personal data of people who reside within the EU. It is likely are that those companies will suddenly become aware of the shortcomings of their currently policies.
GDPR Non-Compliance Penalties
Apart from the 52% of those who participated that we have already referred to, 27% answered that they did not have an effective plan ready even though they have concerns regarding GDPR. These companies are right to be worried about that lies ahead of them. Any failure to adhere with this new EU legislation could be hit with fines of up to $20 million or 4% of annual turnover, whichever is the larger figure.
If the revelations of the HyTrust survey are accurate, many US companies could encounter issue when the GDPR becomes enforceable by law.