New IAPP and TrustArc Report Reveals a Majority of Companies Are Embracing a Single Global Data Protection Strategy

New IAPP and TrustArc Report Reveals a Majority of Companies Are Embracing a Single Global Data Protection Strategy

Survey Explores Differences in Data and Privacy Practices Based on Company Size, Location, Sector and Geographic Reach

TrustArc, the leader in privacy compliance and data protection solutions, and the International Association of Privacy Professionals (IAPP), the world’s largest global information privacy community, announced the results of new benchmarking research that examines the current state of privacy operations. The research shows that a majority of companies are adopting a single global data protection strategy to manage evolving legal requirements, and that managing the expanding ecosystem of third parties handling data has become a top priority.

“The data outlined in this study demonstrates, once again, that privacy is not a one-off endeavor,” said Trevor Hughes, CEO and president of the IAPP. “Privacy management is an increasingly complicated industry. As a result, the role of privacy professionals is taking center stage. Our research highlights how they must act as stewards for implementing the processes and technologies required to ensure scalable compliance across an ever-growing ecosystem of data from partners, customers, and vendors.”

Marketing Technology News: TechBytes with Gabe Morazan, Director of Product Management at Crownpeak

Evolving Ecosystem of Partners, Customers, and Vendors Driving Risk Assessment Processes

Vendor and third-party risk assessments ranked first among privacy assessments globally, with 78 percent of U.S. respondents reporting that they now conduct them. That figure indicates the growing complexity of the ecosystem now impacting compliant data privacy management.

“The CCPA will be the toughest privacy law this country has seen to date, expanding the rights of consumers and their data,” said Chris Babel, CEO of TrustArc. “This survey reinforces what we continue to see and hear from our thousands of customers: that privacy management is getting more complex. That’s why we continue to lead the charge in building the technology solutions and enabling the infrastructure integrations necessary to make compliance automated and scalable.”

To understand the different types of privacy operations across regions, company size and industry, TrustArc and the IAPP surveyed close to 350 privacy professionals in the U.S., EU, UK and Canada.

Key findings from the survey include:

U.S. companies comply with more laws than EU counterparts, which focused primarily on GDPR

  • 79% of respondents report complying with two or more privacy laws, while only 16% are focused on just one.
  • 10% report actively working to comply with 50 privacy laws or more at once, while 13% are working on 6-10 laws, and another 13% on 11-49 laws.
  • EU respondents were more likely to report actively working to comply with five or fewer privacy laws, while U.S. respondents were more likely than their EU counterparts to be complying with 11 or more laws.
  • Significantly more EU+UK respondents (81%) conduct Data Protection Impact Assessments as compared to U.S. respondents (53%).

Marketing Technology News: SAP and Mercedes-Benz EQ Formula E Team Power Up Their Business Performance Partnership

Majority pursuing a single, global data protection strategy

  • 56% of respondents across all geographies are working toward a single, global data protection and privacy strategy for data subjects’ rights.
  • Only 28% of U.S. companies and 21% of EU+UK companies categorize data subjects by jurisdiction and geography and handle each data subject’s data according to the laws that apply to that individual.
  • A majority of EU+UK respondents report serving customers in only one region (22%) compared to U.S. respondents (11%).

Growing complexity is driving operational changes to privacy programs

  • 47% updated their website’s cookie policy and 80% updated their website’s privacy policy one or more times in the last 12 months.
  • 42% deleted personal data more regularly; more so among EU+UK respondents (56%) than U.S. (44%).
  • 21% converted from an opt-out to an opt-in email marketing strategy across geographies; vastly more so in the EU+UK (30%) compared to US respondents (13%).

Marketing Technology News: Outreach Unveils Game-Changing AI Capabilities that Help Sales Reps Engage Smarter at Dreamforce 2019

Picture of PRNewswire

PRNewswire

PR Newswire, a Cision company, is the premier global provider of multimedia platforms and distribution that marketers, corporate communicators, sustainability officers, public affairs and investor relations officers leverage to engage key audiences. Having pioneered the commercial news distribution industry over 60 years ago, PR Newswire today provides end-to- end solutions to produce, optimize and target content -- and then distribute and measure results. Combining the world's largest multi-channel, multi-cultural content distribution and optimization network with comprehensive workflow tools and platforms, PR Newswire powers the stories of organizations around the world. PR Newswire serves tens of thousands of clients from offices in the Americas, Europe, Middle East, Africa and Asia-Pacific regions.

You Might Also Like