Even though the GDPR is just a year from coming into force, the majority of businesses are still unprepared. This is according to new research from Compuware, which says businesses are risking huge non-compliance fines.
Some businesses, truth be told, have made progress since last year.
The most progress has been made on the knowledge front – 67 per cent of European and 88 per cent of US organisations with EU customer data are informed about the GDPR. This is up from 55 per cent and 73 per cent respectively last year.
UK businesses, unfortunately, are least prepared to comply with the General Data Protection Regulation. Globally speaking, almost one in four (38 per cent) have ‘comprehensive plans’ for GDPR compliance, which means more than six in ten are risking non-compliance fines. In the UK, that percentage is 19 per cent – a ‘marginal improvement’ over last year’s 18 per cent.
Three quarters of organisations surveyed said IT complexities are making it difficult to know where customer data resides at all times, making the Right To Be Forgotten a difficult one to handle. Almost a third can’t guarantee they would be able to find customer data if they were required to do so.
“Businesses are clearly heading in the right direction on GDPR compliance, but there is still a long way to go in a very short timeframe,” said Dr Elizabeth Maxwell, PDP, Technical Director, EMEA, Compuware. “UK businesses may be behind due to initial uncertainty over the impact of Brexit. But any organisation doing business in Europe will need to fall into line by the May 2018 deadline. Failure to comply could lead to devastating consequences should a data breach occur, something all too common given the growth of cybercrime and insider threats.”