If You Are Not GDPR Compliant, You Are Not Alone
I think the European Union (EU) General Data Protection Regulation (GDPR) is great. Wish we would do something like that in the US.
In a survey, Veritas Technologies found that 86 percent of organizations worldwide are concerned about a failure to comply. The fear goes beyond noncompliance: 20 percent fear going out of business.
Intended to harmonize the governance of information that relates to individuals (in other words, personal data) across EU member states, the GDPR requires greater oversight of where and how personal data – including credit card, banking, and health information – is stored and transferred, and how access to it is policed and audited by organizations.
GDPR, which takes effect on May 25, 2018, will not only affect companies within the EU, but extend globally, impacting any company that offers goods or services to EU residents, or monitors their behavior, for example, by tracking their buying habits.
The survey indicates that a whopping 47 percent of organizations globally have major doubts that they will meet this impending compliance deadline. In Singapore, the number beats the global average, sitting at 56 percent.
So what are the key concerns organizations have voiced?
- 19 percent feel that the negative impact of media and social coverage could cause a loss of customers
- 12 percent are concerned that it could also cause brand damage
- And 21 percent think that it could lead to layoffs
- 18 percent believe that high penalties could mean some organizations go out of business
- 8 percent worry that potential shareholder lawsuits could ensue
- Again 8 percent think they may lose market share to competitors who are better stewards of information
- Just 7 percent have no concerns, as they will be compliant
- 4 percent have no concerns
- And 2 percent just don’t know
Pretty much a laundry list of reasons, then. Gartner predicts that by the end of 2018 more than half of companies affected by GDPR will not be fully compliant. “The GDPR will affect not only EU-based organizations, but many data controllers and processors outside the EU as well,” says Bart Willemsen, Research Director at Gartner.
“Threats of hefty fines, as well as the increasingly empowered position of individual data subjects, tilt the business case for compliance and should cause decision makers to re-evaluate measures to safely process personal data,” concludes Willemsen.
If you are evaluating security solutions that can solve this problem easily, put us at the top of your list. We have a military agency client that hasn’t had a data breach in 12 years. I think that speaks for itself.
Are you worried about GDPR compliance? So much so that you are proactively addressing the issue? Or are you just playing a waiting game?