‘Less Than One-Third’ Of Companies Fully GDPR-Compliant

Less than one-third of companies globally are fully GDPR compliant, despite the fact that the stringent data protection regulations have now been in force for nearly one and a half years.

Capgemini Research Institute said the figure, at only 28 percent, contrasts with more than three-quarters of firms saying last year that they expected to be compliant by the time GDPR came into force in late May 2018.

But companies  “greatly” underestimated the challenges involved, Capgemini said, juding from findings drawn from a survey of more than 1,000 compliance, privacy and data protection personnel.

The study comes after the Information Commissioner’s Office levied a record £183 million fine on British Airways for “poor security arrangements” that led to the personal data of half a million customers being stolen by hackers in September of last year.

Challenge

Capgemini said many organisations only recognised the scale of the compliance challenge when they began to identify relevant data held by the firm.

Companies cited legacy IT systems as the greatest obstacle to compliance, with 38 percent citing unsuitable systems, while 36 percent said the GDPR’s requirements are too complex and one-third said the financial costs of compliance are prohibitive.

On top of those who feel they are fully compliant, nearly one-third (30 percent) said they were “close to” compliance.

The US led with the highest proportion of companies saying they were compliant, at 35 percent, followed by the UK and Germany at 33 percent each, and Spain, Italy (21 percent each) and Sweden (18 percent) having the lowest proportion of compliant firms.

Competitive advantage

Amongst those companies who did feel they were compliant, the vast majority – 92 percent – said compliance gave them a competitive advantage, enabled them to improve customer trust, customer satisfaction and brand image, leading to higher revenues.

“Organisations need to promote a data protection and privacy mindset among employees and integrate advanced technologies to boost data discovery, data management, data quality, cybersecurity, and information security efficiencies,” Capgemini said in the report.

“Firms that take these actions proactively – and view data protection and privacy regulation as an opportunity – will secure a significant competitive advantage.”

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

Meta Sues Developer of CrushAI ‘Nudify’ App

Meta Platforms launches lawsuit against company behind CrushAI, as it looks to enforce clamp down…

3 days ago

Google Resolves Global Cloud Outage

Brief Google Cloud outage on Thursday now resolved after impacting other services including Spotify, Discord…

3 days ago

Meta Invests $14.3bn In AI Firm Scale, Poaches CEO

Meta makes huge investment in AI startup Scale AI, whose founder and CEO Alexandr Wang…

3 days ago

Micron Increases US Investment Amid Trump Onshoring Drive

American chip firm Micron expands investment plan in America by $30bn to $200bn, including two…

3 days ago

Paragon Spyware Used To Target European Journalists, Warns Citizen Labs

Security researchers at Citizen Labs reveals devices of a number of Italian journalists have been…

3 days ago

WhatsApp Supports Apple In Legal Battle With UK Government

Meta's messaging platform WhatsApp publicly supports Apple in its legal battle against the UK's Home…

4 days ago