Research shows improved GDPR readiness

Europe lags behind the U.S. in outlining detailed plans for GDPR compliance; UK firms are least prepared.

  • 7 years ago Posted in
Compuware has released research revealing that, despite making progress over the past 12 months, the majority of European and U.S. businesses are still inadequately prepared to comply with the new EU General Data Protection Regulation (GDPR), due to be enacted next year.
 
Key findings include:
 
  • 67% of European organisations say they are well-briefed on the GDPR and the impact it will have on the way they handle customer data; an improvement from 55% when the same question was asked last year.
  • Of the 94% of U.S. organisations that possess European customer data, 86% claim to be well briefed on the GDPR and its impact on the way they handle that data; a significant rise from the 73%  who responded affirmatively when asked the same question last year.
  • Only 38% of all respondents have a comprehensive plan in place for how they will comply with GDPR, leaving the majority at risk for non-compliance fines. This is only a slight improvement from the 33% who had a comprehensive plan in place last year.
 
However, the findings reveal that U.S. organisations are better prepared for the EU GDPR than their European counterparts. 60% of U.S. respondents with European customer data said they have a detailed and far-reaching plan in place, marking a slight rise from 56% that had plans last year. The UK was least prepared, with just 19% of organisations having a detailed plan in place, rising only slightly from 18% when the question was asked last year.
 
“Businesses are clearly heading in the right direction on GDPR compliance, but there is still a long way to go in a very short timeframe,” said Dr Elizabeth Maxwell, PDP, Technical Director, EMEA, Compuware. “UK businesses may be behind due to initial uncertainty over the impact of Brexit. But any organisation doing business in Europe will need to fall into line by the May 2018 deadline. Failure to comply could lead to devastating consequences should a data breach occur, something all too common given the growth of cybercrime and insider threats.”
 
Compliance hurdles
 
Identifying the areas of biggest concern, 56% of all respondents said that data complexity and ensuring data quality are the two biggest hurdles they will need to overcome to achieve GDPR compliance.
 
In addition, 75% of organisations said the complexity of modern IT services means they can’t always know where all customer data resides, whilst just over half (53%) said they could locate all of an individual’s data quickly, as will be required to comply with the “Right to be Forgotten” mandate included within the GDPR. Most worryingly of all, nearly a third (31%) admitted that, at present, they couldn’t guarantee they would be able to find all of a customer’s data.
 
“It will be impossible to comply with the GDPR’s Right to be Forgotten if organisations can’t find customer data,” continued Maxwell. “Due to its security and scalability, most large organisations store most of their customer data on the mainframe. This data usually resides in a complex rabbit warren of databases spanning multiple systems, and organizations use manual, time-consuming methods to find and extract it. Businesses need an automated way to map and visualise data relationships, so they can quickly find the specific and relevant data and delete it, without needing specialist skills.”
 
Research shows ‘game needs to be changed,’ with security innovation years behind that of the...
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that...
Atos has launched Atos OneCloud Sovereign Shield, a set of solutions, methodologies, and...
New distribution agreement set to bolster Westcon-Comstor’s Zero Trust offering in more markets...
Research from Avast has found that employees in almost a third (31%) of Small and Medium...
This year, over half of MSPs or their end customers have been attacked by ransomware but only 53%...
Trend Micro has published new research revealing that 90% of IT decision makers claim their...
Cyber consultants call on businesses to act now, or risk budgets shrinking further in ‘real...