Becoming compliant with the General Data Protection Regulation was a burden which weighed heavily on UK businesses' resources, ICSA: The Governance Institute and The Core Partnership says.
According to new poll, 78 per cent of UK organisations have experienced a huge drain of resources as they looked to become compliant with GDPR. For 13 per cent, it wasn’t such a big deal, and the rest – 9 per cent – were unsure.
Some organisations had to hire more staff to get things sorted out, while others opted for external consultants. Whichever path they choose, they were faced with significant obstacles and roadblocks.
Different issues arose, according to the report, including situations where even external consultants were swamped with work to the point where they became too slow in communicating or cooperating.
Companies were saying that GDPR was something of a handbrake for their business. Instead of focusing on growth or improved productivity, they were focused on compliance, for an extended time period.
“Tech resources have been diverted from business improvements to compliance at a time when a UK company should be focussing on using technology to improve productivity and drive the business forward,” one critic stated.
When GDPR kicked off on May 25, just half of companies were compliant. More than a quarter (27 per cent) were not compliant, while the rest – 23 per cent – were unsure.
“Achieving full compliance has been extremely time-consuming for many organisations and there is some concern that ongoing compliance will continue to be burdensome. Many of the areas that were named as being problematic – coordination between jurisdictions; group-wide solutions; third-party engagement; and staff training – will continue to be of importance and will require organisations to review processes and procedures on an ongoing basis. It is important for organisations to keep in mind that 25 May was just the start.”
Image source: Shutterstock/Wright Studio