One of the key planks of the upcoming GDPR legislation is the right to removal of personal data, the so-called, 'right to be forgotten'.
But a new study from big data application provider Solix Technologies reveals that 65 percent of organizations are unsure if an individual's personal information can be purged from all their systems.
Among other findings are that 22 percent of organizations are unaware that they must comply with GDPR, even if they are based outside of the European Union but hold data of EU citizens. 38 percent say that all their personal data under the new GDPR rules is not protected from misuse and unauthorized access at every stage in its lifecycle.
More than half (64 percent) of organizations do not have a Data Protection Officer, and while 82 percent say they know where their sensitive data is stored, only 55 percent maintain audit trails for data consents, collections updates, and deletion.
53 percent are not confident that processing of all personal data is based on explicit permission provided by the individual, and 65 percent are not confident that their GDPR data will stay within the EU.
"Based on our survey data, it's clear that the majority of organizations are not currently prepared to meet GDPR requirements," says John Ottman, executive chairman of Solix Technologies. "There is an urgency to take steps now, as the enforcement deadline quickly approaches and applies to anyone who is currently operating with EU customers."
You can read more about the findings on the Solix website and there's a summary infographic below.