Businesses unprepared, and underpreparing, for GDPR

Organisations don't understand what GDPR is, and what kind of effects it is going to have on their business.

Organisations don't understand what GDPR (General Data Protection Regulation) is, and what kind of effects it is going to have on their business, according to Symantec. Yes, pretty much all of them (96 per cent).  Polling 900 business and IT decision makers in the UK, France and Germany, the results have shown how almost a quarter (22 per cent) consider compliance a top priority in the next two years. On the other hand, just 26 per cent believe their organisation is fully prepared for GDPR.  

“These findings show businesses are not only underprepared for the GDPR – they are underpreparing,” said Kevin Isaac, senior vice president, Symantec. 

“There is a significant disconnect between how important privacy and security is for consumers, and its priority for businesses. The good news is there’s still time to remedy the situation – if firms take immediate action.” Almost a quarter (23 per cent) said their organisation will either be 'partially compliant', or not compliant at all, by 2018. Out of that number, 49 per cent believe not all departments will be able to comply, with just 20 per cent believing it would be possible for entire organisations to comply by that time.  

But wait – it gets worse. Not only are they out of touch with what GDPR is, they're also out of touch with consumer expectations regarding both data privacy and security. Almost three quarters (74 per cent) don't think consumers care about organisations' privacy record. More than a third (35 per cent) don't believe their company ethically approaches data protection and security. 

Image source: Shutterstock/alexskopje