The majority of companies still don’t share the data they have on users with those users, within a month of them making such a request, according to a new report by Talend. Under GDPR, that is something businesses absolutely must do.
But the situation is not as grim. Talend says that 58 per cent of companies failed to provide copies of data, down from 70 per cent a year ago. So there is progress, even though Talend says the rate remains low, 18 months into GDPR.
"These new results show clearly that Data Subject Access Rights is still the Achilles' heel of most organizations," said Jean-Michel Franco, Senior Director of Data Governance Products at Talend.
"To fully comply with GDPR it is necessary to understand where the data is, how it is processed and by whom, as well as ensure that the data is trusted. With several data protection regulations coming into force in the US (California Consumer Privacy Act in January 2020), across APAC (PDPA in Thailand in May 2020), and in Latin America (LGPD in Brazil in August 2020), organisations need to start a data governance transformation to deliver a 360 degree view of customers and empower the people in charge of data protection with more automated data processing and delivery.”
GDPR, or General Data Protection Regulation, is an EU-wide regulation that aims to sort how businesses gather, store, secure and share data they have on EU citizens. Businesses that fail to comply with GDPR are facing huge fines, going up to 4 per cent of their annual global revenue.