A new survey report by DLA Piper has found that many organizational privacy programs have gaps in meeting increasingly demanding global privacy principles.
While organizations are for the most part aware of upcoming data protection obligations, levels of maturity to meet the new standards are as yet still low.
The report is based on over 250 responses to DLA Piper's Data Privacy Scorebox online survey tool, since its launch in January 2016.
Patrick Van Eecke, Partner and Global Co-Chair of DLA Piper's Data Protection practice, said:
"The responses show that many organizations still have work to do on their data protection procedures. Any organizations operating in Europe will need to see major improvements in their score by May 2018 if they are to avoid potentially heavy financial penalties under the GDPR, not to mention serious reputational damage as people become more and more aware of their rights in this area. With more and more organizations putting data at centre stage, data protection will become an increasingly prominent issue. It is vital that organizations invest now in the strategy and processes needed to help them to meet their obligations."
The European General Data Protection Regulation (GDPR) will apply to data processing carried out by organizations operating within the EU and to organizations outside the EU that offer goods or services to individuals in the EU. The UK government has confirmed that the UK’s decision to leave the EU will not affect the commencement of the GDPR.
Read the report (PDF).