‘Less Than One-Third’ Of Companies Fully GDPR-Compliant

Less than one-third of companies globally are fully GDPR compliant, despite the fact that the stringent data protection regulations have now been in force for nearly one and a half years.

Capgemini Research Institute said the figure, at only 28 percent, contrasts with more than three-quarters of firms saying last year that they expected to be compliant by the time GDPR came into force in late May 2018.

But companies  “greatly” underestimated the challenges involved, Capgemini said, juding from findings drawn from a survey of more than 1,000 compliance, privacy and data protection personnel.

The study comes after the Information Commissioner’s Office levied a record £183 million fine on British Airways for “poor security arrangements” that led to the personal data of half a million customers being stolen by hackers in September of last year.


Capgemini said many organisations only recognised the scale of the compliance challenge when they began to identify relevant data held by the firm.

Companies cited legacy IT systems as the greatest obstacle to compliance, with 38 percent citing unsuitable systems, while 36 percent said the GDPR’s requirements are too complex and one-third said the financial costs of compliance are prohibitive.

On top of those who feel they are fully compliant, nearly one-third (30 percent) said they were “close to” compliance.

The US led with the highest proportion of companies saying they were compliant, at 35 percent, followed by the UK and Germany at 33 percent each, and Spain, Italy (21 percent each) and Sweden (18 percent) having the lowest proportion of compliant firms.

Competitive advantage

Amongst those companies who did feel they were compliant, the vast majority – 92 percent – said compliance gave them a competitive advantage, enabled them to improve customer trust, customer satisfaction and brand image, leading to higher revenues.

“Organisations need to promote a data protection and privacy mindset among employees and integrate advanced technologies to boost data discovery, data management, data quality, cybersecurity, and information security efficiencies,” Capgemini said in the report.

“Firms that take these actions proactively – and view data protection and privacy regulation as an opportunity – will secure a significant competitive advantage.”

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

Cryptocurrency Warning From Bank Of England Governor

Blunt message from Bank of England governor Andrew Bailey, warning people only to buy cryptocurrency…

20 hours ago

Jeff Bezos Offloads $2 Billion In Amazon Shares

Needs some spending money...Amazon CEO Jeff Bezos has this week sold nearly $2 billion worth…

21 hours ago

Twitter Suspends Account Sharing Trump Posts

Shutdown again. An account has been suspended by Twitter for sharing the posts from Donald…

22 hours ago

IBM Claims Breakthrough With 2 Nanometer Chip

Research boffins at IBM are touting a major leap forward in performance and energy efficiency…

2 days ago

Twitter Now Prompts Users To Revise ‘Harmful Replies’

Trolls beware. Twitter releases feature that will deliver a 'reconsider prompt' for users, if they…

2 days ago

Old Routers Pose Security Risk, Warns Which?

Elderly routers that can no longer receive firmware updates posed security risk to millions of…

2 days ago