Less Than Half Have A Structured Plan In Place To Comply With GDPR, 58 Percent Don’t Fully Understand The Consequences Of Noncompliance
The General Data Protection Regulation (GDPR) will go into effect in 2018, making organizations accountable for personal data protection including how and where data is stored and how it is processed within the organization. However, according to a new survey from business analytics leader, SAS, less than half (45 percent) of organizations surveyed have a structured plan in place for compliance and more than half (58 percent) indicate that their organizations are not fully aware of the consequences of noncompliance.
“There are a lot of organizations that simply don’t know where to start on their journey to becoming GDPR compliant,” said Arturo Salazar, Principal Business Solutions Manager, SAS. “We recommend starting with a solid data governance strategy to ensure that the technologies and policies are in place to fully understand where your data is stored and who has access to it.”
Highlights from the survey include:
- Most respondents feel that GDPR will have a large impact on their organization. However, many respondents (42 percent) indicate that their organizations are not fully aware of this impact.
- Only 45 percent of organizations have a structured process in place to comply with GDPR, but of those only 66 percent think that this process will lead to successful compliance. In fact, many admit that they do not know how to determine if they are GDPR compliant.
- Unsurprisingly, large organizations (5,000 employees+) are better equipped to handle GDPR with 54 percent being fully aware of the impact, compared to just 37 percent of small organizations.
- Only 24 percent of organizations make use of external consulting to become GDPR compliant, but those with a structured process in place use external consulting more often (34 percent).
- Just 26 percent of government organizations are aware of the impact of GDPR, the lowest of any industry segment.