All the talk and warnings about the impending arrival of the General Data Protection Regulation made little impact, as months after its implementation, businesses are still not compliant.
This is according to cybersecurity company Imperva, whose latest survey suggests a significant portion of businesses still don’t feel compliant with GDPR.
Conducted at the Infosecurity Europe trade show, the survey says 28 per cent of organisations aren’t compliant, despite GDPR kicking off in late May.
“The deadline has now come and gone, yet the study shows that many organizations aren’t sure they have achieved GDPR compliance,” said Terry Ray, CTO of Imperva. “Any company that put GDPR off until the last minute now realizes compliance cannot be achieved overnight. It does not surprise me that many organizations feel unsure about the idea of a GDPR audit. The truth is many would fail.”
When asked if they know where their users’ personal data is stored, more than a half said they’d need more time to clean up shop. More than a third knows where all users’ personal data resides, and 90 per cent said they could easily respond to individual requests asking to disclose the info they hold on them.
GDPR, which kicked off on May 25 this year, regulates how businesses collect, store, safeguard and share personal data on their EU-based users.
Image source: Shutterstock/Wright Studio