Less then Half of Companies Have a GDPR Compliance Plan

The recent results findings of a survey conducted by SAS, a multination statistical software company, showed that only 45% of companies and groups have a structured plan ready the introduction of General Data Protection Regulation (GDPR).

Just, 58% of the business managers believe that they are unaware of the legal ramification for noncompliance with the new EU legislation. Failure to know the noncompliance repercussions, as the study  shows, casts serious fears over preparations. Most organizations may not be ready for the deadline given that they unaware how to become GDPR compliant.

Although most study participants appreciate the fact that the new law will alter their business activities, 42% of them indicate that their companies are not informed of the impact the law will have on their daily operations. Some organizations have made significant strides in terms of creating structured strategies to becoming compliant. However, only 66% of them believe that having such strategies in place would lead to successful compliance. This implies that many organizations lack confidence in their preparations.

Large organizations with more than 5,000 members of staff are in a position to gain a competitive edge over smaller firms. The majority of them (54%) are conscious of the effects of the legislation compared to 37% of the small businesses. Organizations with structured procedures appear to be incorporating different strategies to meet the legal requirements. The result show that they tend to embrace external consultations frequently as opposed to the lack of external engagement from companies without structured strategies. Only 24% of these companies conduct external consulting compared to 34% of those with processes established.

The study reveals that government department and agenices are mostly unconcerned with the effects of GDPR. 76% of respondents are not aware of the law’s effects on business. 48% of the interviewees confirmed that obtaining their personal data from their databases was a major issue. This raises serious concerns about the companies’ ability to complete Subject Access Requests as well complying with the right to be forgotten. In these cases, many companies may still have some work to do as far as GDPR compliance is concerned. They might have to implement more tools and processes to allow them to satisfy requirements. According to the release study, 58% of organizations still encounter serious obstacles with data portability and data erasure.

Financial institutions and large organizations encounter the most challenges when in relation to obtaining stored personal data. These firms need to develop processes and structures that would allow them to manage access to personal data within their organizations. This is important as the new EU GDPR legislation puts particular emphasis on data privacy and delineates stringent conditions when handling this.

71% of the study respondents think that GDPR will improve data governance in general. Preparations for compliance will improve IT structures in most organizations. According to the research, 37% of those who took part felt that their general Information Technology skills will improve.


Author: GDPR News