Many firms falsely believe they meet GDPR compliance

Register now

Many organizations around the world mistakenly think they are in compliance with the upcoming General Data Protection Regulations, according to a report by Veritas Technologies, a provider of multi-cloud data management tools.

The company commissioned independent technology market research firm Vanson Bourne to survey 900 business decision makers in February and March 2017 in the U.S., the U.K., France, Germany, Australia, Singapore, Japan and the Republic of Korea. Nearly one-third (31 percent) of respondents said their organization already conforms to the legislation’s key requirements.

However, when those same respondents were asked about specific GDPR provisions, most provided answers that indicate they are unlikely to be in compliance. On closer inspection, the report said, only 2 percent actually appear to be in compliance, revealing a distinct misunderstanding over regulation readiness.

The findings show that almost half (48 percent) of organizations that stated they are compliant do not have full visibility over personal data-loss incidents. In addition, 61 percent of the same group admitted that it is difficult for their organization to identify and report a personal data breach within 72 hours of awareness—a mandatory GDPR requirement where there is a risk to data subjects.

“The GDPR dictates that multi-national corporations take data management seriously,” said Mike Palmer, executive vice president and chief product officer at Veritas. “However, the latest findings show confusion over what’s needed to comply with the regulation’s mandatory provisions. With the implementation date looming ever closer, these misconceptions need to be eradicated fast.”

For reprint and licensing requests for this article, click here.