A recent survey has thrown up some worrying data from the business community regarding the General Data Protection Regulation, also known as GDPR.
GDPR is the new EU regulation covering the collection, management and privacy of data and will come into force on the 25th of May, 2018. It will introduce a new set of requirements and regulations aimed at creating a more secure and protective legal framework governing the collection and use of the personal data of all citizens of the European Union.
However, with less than a year left before its introduction, a new survey carried out by Watchguard Technologies has found a significant proportion of companies and organizations are simply not ready to become GDPR compliant.
Perhaps the most worrying finding of the survey, which quizzed 1,600 varied organizations about GDPR, is that 37% of them had no idea if the new regulation even applied to them.
Digging deeper into the responses of this 37%, the respondents were asked how many of them collected personal data on EU citizens as part of their day-to-day operations. The answer was 14%, meaning a significant proportion of the respondents were putting themselves at serious risk of failing to comply with GDPR.
A further 28% of respondents were “unsure” if they collected personal data – again, potentially opening themselves up to non compliance. Only 10% of respondents believed that they were completely compliant with the new regulations.
The penalties for noncompliance can be steep , ranging from a written warning to mandatory data protection audits or even a possible of up to 4% of a company’s yearly revenue.
It is imperative that more businesses, even US based ones, begin to take steps toward GDPR compliance as soon as possible.