Businesses mistakenly think they're in compliance with GDPR

A new study has claimed that, contrary to what they may think, many businesses are struggling to be ready for GDPR.

According to The Veritas 2017 GDPR Report, a third (31 per cent) of respondents believe their enterprise is in line with the regulation’s key requirements. On the other hand, when they were asked about specific GDPR provisions, their answers have shown that they’re most likely not compliant. 

Veritas says that just two per cent actually seem to be in compliance.  

“With the EU’s General Data Protection Regulations (GDPR) less than one year away, organisations around the world are deeply concerned about the impact that information non-compliance can have on their brand and loyalty of their customers,” said Jason Tooley, Vice-President, Northern Europe, Veritas.

Almost half (48 per cent) of companies stating they’re compliant don’t have full visibility over personal data loss incidents. Almost two thirds (61 per cent) say it’s difficult for their organisations to identify and report a personal data breach within three days, which is a GDPR requirement. 

“Organisations that think they are already compliant with the GDPR should revisit their compliance strategies,” the report says. Those that fail to comply risk fines of €20 million or more. 

Tooley added: “The results today show that more education is needed on the tools, processes and policies to support information governance strategies that are required to comply with the GDPR requirements. Creating an automated, classification-based, policy-driven approach to GDPR is key to success and will enable organisations to accelerate their ability to meet the regulatory demands within the short timeframes available.”

You can read the rest of our GDPR coverage here.

Image source: Shutterstock/Wright Studio