More businesses are becoming familiar with GDPR, but fines are still likely
Even though the GDPR is just a year from coming into force, the majority of businesses are still unprepared. This is according to new research from Compuware, which says businesses are risking huge non-compliance fines.
Some businesses, truth be told, have made progress since last year.
The most progress has been made on the knowledge front -- 67 percent of European and 88 percent of US organizations with EU customer data are informed on GDPR. This is up from 55 percent and 73 percent respectively, last year.
UK businesses, unfortunately, are least prepared to comply with the General Data Protection Regulation. Globally speaking, almost one in four (38 percent) have "comprehensive plans" for GDPR compliance, which means more than six in ten are risking non-compliance fines. In the UK, that percentage is 19 percent -- a "marginal improvement" over last year’s 18 percent.
Three quarters of organizations surveyed said IT complexities are making it difficult to know where customer data resides at all times, making the Right To Be Forgotten a difficult one to handle. Almost a third can’t guarantee they would be able to find customer data if they were required to do so.
"Businesses are clearly heading in the right direction on GDPR compliance, but there is still a long way to go in a very short timeframe," says Dr Elizabeth Maxwell, PDP, Technical Director, EMEA, Compuware. "UK businesses may be behind due to initial uncertainty over the impact of Brexit. But any organization doing business in Europe will need to fall into line by the May 2018 deadline. Failure to comply could lead to devastating consequences should a data breach occur, something all too common given the growth of cybercrime and insider threats."
Published under license from ITProPortal.com, a Future plc Publication. All rights reserved.