© 2019 SourceMedia. All rights reserved.

At the GDPR wire, many firms still not ready for data privacy mandate

The deadline for compliance with the General Data Protection Regulation is only two days away, and yet many organizations—particularly in the U.S.—appear to be unprepared for the new data protection rules.

A recent study by IT online platform Spiceworks showed that among organizations impacted by GDPR, 61 percent of those in the U.K. are already compliant or expect to be by the May 25, 2018 deadline, compared with 46 percent in the rest of the European Union (E.U.) and only 25 percent in the U.S.

Spiceworks surveyed 625 executives in April 2018 from organizations across the U.S., U.K., and the rest of the E.U. Respondents are among the millions of IT professionals in Spiceworks and represent a variety of company sizes and industries.

GDPR impact.jpg
Network servers in a data center. Shallow depth of Field

The findings indicate most organizations are not concerned about potential GDPR penalties, and as a result many are not prioritizing compliance. Only 14 percent of U.K. organizations, 9 percent of E.U. organizations, and 3 percent of U.S. organizations think they’ll be fined for not complying with GDPR by the deadline.

See Also Bracing for the immediate impact of the GDPR

Although concerns over fines are low, the report said, respondents do have lingering questions about the impact GDPR will have on their organization. For example, about one-third of IT professionals think GDPR will make their jobs more difficult, and about 20 percent think the regulations will make it more difficult for their company to do business.

Among organizations impacted by GDPR, the results show U.K. organizations are further ahead in their preparations. More than 60 percent are conducting data audits and documenting their processes to prove compliance, compared with less than half of E.U. organizations and less than one-third of U.S. organizations.

For reprint and licensing requests for this article, click here.