Few prepared for new European data protection regulations: Survey

The creation of the European Union was to give nations on the continent some combined muscle to stand up to the political and economic power of the U.S. and China. And in its tough data protection standards for organizations that want to do business in the EU it has done that.

But according a global survey paid for by Dell, with the EU’s new  new General Data Protection Regulation (GDPR), which comes into effect May 2018, few organizations have more than a general awareness of the requirements of the new regulation, how to prepare for it, and the impact of non-compliance on data security and business outcomes. Those not fully compliant when GDPR goes into effect risk significant fines, potential breaches and loss of reputation.

Among the survey results:

  • More than 80  per cent of respondents say they know few details or nothing about GDPR
  • Less than one in three companies feel they are prepared for GDPR today
  • Close to 70 per cent of IT and business professionals say they are not nor don’t know if their company is prepared for GDPR today, and only three per cent of these respondents have a plan for readiness
  • Respondents in Germany feel most prepared for GDPR (44 per cent), while respondents in Benelux (Belgium, the Netherlands, Luxembourg) feel least prepared (26 per cent)
  • More than 75 per cent of respondents outside Europe say they are not or don’t know if they are prepared for GDPR
  • Nearly all companies (97 per cent) don’t have a plan in place when GDPR kicks off in 2018.

Dell says the survey also shows that while organizations realize failure to comply with GDPR will impact both data security and business outcomes, they are unclear on the extent of change required, or the severity of penalties for non-compliance and how changes will affect the business. Seventy nine per cent say they would not, or were not aware whether their organization would face penalties in its approach to data privacy if GDPR had been in effect this past year.

  • Of the 21 per cent of respondents who said they would face a penalty if GDPR were in place today, 36 per cent think it would require only an easy remediation, or don’t know the penalty
  • Close to 50 per cent believe they would face a moderate financial penalty or manageable remediation work
  • Nearly 25 per cent expect significant changes in current data security practices and technologies.

Dell says best practices will help successfully address GDPR requirements and avoid the consequences of non-compliance. In addition, Canadian organizations that sell into the EU and keep EU citizens’ personal data should hire a data protection officer (DPO). A requirement for GDPR, the position can be full-time, or filled by an employee with other responsibilities or an outsourced agency.

Organizations should also have a firm access governance policy and access management.

The survey of 821 IT and business professionals responsible for data privacy was conducted by Dimensional Research responsible for data privacy at companies with European customers in the United States, Canada, Australia, Hong Kong, Singapore, India, United Kingdom, Germany, Sweden, Belgium, The Netherlands, France, Italy, Spain and Poland.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now