Survey Shows North American and APAC Companies Unprepared for New Data Protection Law GDPR

The Survey Was Conducted by Data Management Company ioFABRIC Inc

A new survey of IT professionals reveals more than half of North American companies have not taken steps to prepare for the European Union’s General Data Protection Regulations (GDPR), which takes effect May 25, 2018.

The survey was conducted by data management company ioFABRIC Inc. Respondents represented companies across a broad spectrum of industries. Because GDPR affects all organizations possessing personally identifiable data of EU residents, regardless of where the organization is located, North American and APAC companies are subject to its rules. The survey shows a critical need for businesses in these regions to take additional steps toward data security.

Also Read: What Does GDPR Mean For Martech?

Location, location, location

While IT pros in South America, Africa, and Europe are all aware of GDPR, those in other global regions were drastically less informed. Fifteen percent of North American respondents and nine percent from the APAC region said they are not familiar with GDPR at all.

Along with the surprising result that 53 percent of North American companies have not taken any steps toward GDPR compliance, 37 percent of these respondents feel they are not adequately informed about how its regulations will impact their business. In APAC, 71 percent said they are not adequately informed, and 43 percent have failed to take steps to manage GDPR regulations.

In contrast, 83 percent of respondents from South America, Africa, and Europe report they have taken steps, and 70 percent are confident they are prepared.

Also Read: How the GDPR Affects American Retailers like Whole Foods and Amazon, and What Businesses Can do to Mitigate Their Risk

Changes implemented

Worldwide, the primary ways companies are preparing for GDPR is updating their privacy policies and developing new procedures for data management. More than one-third reported they have taken each of these steps, and almost as many said they have adopted new procedures for storage management.

Respondents were much less likely to use professional resources, with only 13 percent hiring an outside consultant, less than 15 percent purchasing new software, and 17 percent purchasing new hardware. However, nearly 20 percent say they consulted an attorney about their business risks.

“It’s alarming that there isn’t more awareness in North America, and that there’s a huge preparedness gap in different global regions, even though we’re all obligated to comply with GDPR,” said ioFABRIC CEO Steven Lamb. “What’s still missing is bringing in expert consultants and/or adding hardware and software to deal with GDPR. If I can offer any advice to those whose companies are unprepared, it’s this: don’t wait because the fines for non-compliance are high.”

Recommended Read: GDPR Compliance Isn’t the End of the World for Your B2B Marketing