Regardless of the fact that there was a two-year grace window for companies to prepare for GDPR compliance a recent survey study titled “GDPR Readiness Survey” shows that very few are 100% compliant with the new European Union legislation.
GDPR is, a European Union based regulation that requires businesses to protect the personal data and the privacy of any European Union (EU) natural persons when transactions occur within EU Member States.
GDPR was devised to safeguard data such as identifiable information (names, addresses, dates of births), web-based data, health and genetic data and biometric data. The legislation became enforceable on May 25, 2018 and apply to all companies operating in the EU and marketing to EU data subjects. GDPR was built on the precedent that private information always is, or should be, private and that people have rights in relation to that data or that “data protection is a fundamental right.”
The result of the survey revealed that only 29% of the participants were aware of the GDPR, 44% responded saying that they were somewhat aware, and 29% revealed that they were completely unaware. The survey also showed that only 24% of businesses believed that they were ready for GDPR, and 31% felt they were somewhat ready. In contrast to this 36% of business that said they did not feel ready, and another 9% answered saying that they were unsure.
These numbers are worrying as the highest applicable penalty is €20 million or 4% of annual global revenue of the company involved.
In addition to this, the GDPR Readiness survey also uncovered that 45.6% of businesses reported that they have not become compliant because they are waiting to see what enforcement arises from the regulation. However, as more companies are sanctioned with initial fines, this number will likely fall.
In order to become compliant with the GDPR and similar legislation, businesses need train their staff on these regulations and determine how to adhere with the requirements.