Disturbing news coming from the US is that a recent survey conducted by HyTrust, security solutions specialists, showed that almost 80% of respondents were not prepared for the introduction of the General Data Protection Regulation (GDPR), in May 2018.
The 323 organisations interviewed were all talking about their Cloud Infrastructure, which is obviously an important aspect of the security of personal data.
‘GDPR does not affect them’
Potentially, the most worrying figure to come from the survey was that 52% of respondents said that the organisation they represented was not concerned about GDPR, or did not think it would affect them in any way. This is possibly due to the common misconception that GDPR only affects companies or organisations that are based within the EU. The truth is that the GDPR will have a global effect as it applies to any company that deals with the personal data of individuals who live within the EU. Chances are that those companies which think GDPR does not apply to them could be in for an unpleasant surprise.
What the consequences could be
Aside from the 52% of respondents we have already discussed, 27% said they did not have an effective plan in place despite having concerns about GDPR. These companies are right to be concerned. Failure to comply could lead to fines of up to $20 million or 4% of annual turnover, whichever is higher.
If the results of the HyTrust survey are anything to go by, many US companies could experience problems when the GDPR becomes a reality.