GDPR – 365 days to go
Data Privacy and Security

Today represents exactly one year until the new European Union’s General Data Protection Regulation (GDPR) comes into force. However, despite having some two years to be ready, most companies are still lagging on their preparations.

Two different studies released in the last month show that the majority of companies in the UK, EU, and US are yet to be compliant with the incoming rules. According to Shred-it, the majority of UK companies are not even aware of the regulations, while a recent study by Compuware suggests that most US companies are aware of GDPR but a significant minority don’t have a plan in place to deal with the incoming rules.

“GDPR will represent the biggest change to data protection law in 20 years,” says Matthew Holman, Principal at EMW Law’s Commercial Team. “It will apply to all businesses, regardless of size, sector or turnover.”

GDPR’s rules – which affect every company that has data on European customers – state that data must be collected with consent, that companies must encrypt personal data, that companies must provide personal data upon request by the person it concerns, that data breach notification must be given within 72 hours, and that in certain cases companies must hire a Data Protection Officer. Fines for failure to comply can be up to 4% of global turnover.

“One of the biggest issues faced by businesses is lack of senior management buy-in,” according to Holman. “There remains a degree of nonchalance in most company boardrooms about the importance and significance of data protection law.”

“When the GDPR arrives in 12 months’ time, the reality of implementation will almost certainly take many businesses by surprise. Average industry estimates for creation and execution of a GDPR compliance project is 12 to 15 months.”

For UK companies, don’t think Brexit will save you. The UK Information Commissioner’s Office (ICO) has said UK companies should carry on with GDPR preparations, not only because the UK will still be in the EU when the rules come into effect, but also because whatever UK privacy laws are introduced will be similar, if not identical. The fines the ICO issued in 2016 would have been almost 10 times greater under GDPR legislation, according to an NCC Group study. Despite this, nearly a quarter of UK companies are thought to have stopped their GDPR preparations.

According to Mimecast, the issue of email security within GDPR is being lost, even amongst companies making efforts to prepare.

“GDPR changes what constitutes personal and sensitive data,” says Mayur Pitamber, Mimecast Product Marketing Manager. “Yet most organisations do not realise how much sensitive personal data is hidden within their employees’ email.”

“An ‘archive-all’ culture means organisations don’t always know what lurks in their vast pools of unstructured data such as email messages and attachments. Yet ignorance is no defence for compliance requirements.”

Dan Swinhoe

Dan is Senior Staff Writer at IDG Connect. Writes about all manner of tech, from driverless cars, AI, and Green IT to Cloudy stuff, security, and IoT. Dislikes autoplay ads/videos and garbage written about 'millennials'.
