“80% of US Firms may be affected by GDPR fines” – Computer Weekly.
“50% or more of companies impacted by GDPR will not be prepared” – Gartner
With stats like that, it is no wonder the upcoming General Data Protection Regulation is all the buzz in many organizations. Companies are asking themselves questions like “what does this mean for our business?” or “how will we be impacted by this new regulation?”
Since GDPR will soon be going into effect, we decided to conduct some primary research to understand how organizations are preparing. We surveyed individuals across several different industries to find out. Below are some of the most intriguing findings from the answers we received from 60 business leaders.
How many companies will GDPR impact?
Similar to Gartner’s research, a staggering 80% of our respondents will need to comply with GDPR by the deadline, May 25, 2018. The flip side is even more concerning, since the remaining 20% are unsure as to whether their organization even needs to be in compliance.
On the bright side, the companies that recognize they must comply are already about 75% of the way there. And 60% of the respondents felt their company had an attainable plan to achieve compliance. This indicates companies are being proactive in their approach to meet the deadline and avoid hefty fines.
Which functional group ultimately owns ensuring your organization achieves and maintains GDPR compliance?
In our respondents’ organizations, the responsibility for GDPR compliance seems to be spread evenly across the board. The corporate legal group, data and security team, and finance department are responsible 60% of the time, with the IT department a close second. This is interesting, because we know that for the best preparation and ongoing compliance each business process owner must be included, and that all must be coordinated and guided by overall business process.
What resources are you using to better understand GDPR compliance and how it relates to your organization?
Not surprisingly a lot of folks, 80% of our respondents, are turning to online content to learn more. To help companies better understand GDPR, we’ve recently published some helpful content such as:
What outside resources, if any, are organizations considering using?
About 60% of the companies we surveyed are partnering with outside organizations to help achieve GDPR compliance. To break it down further, 40% of respondents think half of the work will be conducted using in-house resources, while another 40% think at least three-fourths of the work will be done in-house.
Most companies (60%) also responded that the auditing for GDPR compliance will be handled in-house. And about 40% report they will purchase a third-party software tool to help achieve and maintain compliance as well.
As you can see from our findings, GDPR is a critical topic that is top of mind for many organizations. The deadline is fast approaching, and companies are scrambling to make sure they aren’t caught unaware. If you have questions, or want to learn more about GDPR, sign up to speak with one of our GDPR experts. We’ll walk you through everything you need to know to be, and stay, compliant.