A recent General Data Protection Regulation (GDPR) readiness survey undertaken by the specialist law firm, Technology Law Alliance, shows that only 18 percent of UK and multi-national organizations are ‘highly confident’ that they will meet the deadline next May, for compliance with the new GDPR.
The survey results showed that the biggest challenges which organizations face, are dealing with the large number of systems on which data is stored and processed, and the lack of internal resource and know-how about GDPR.
With the ‘high confidence’ figure for GDPR compliance by 25th May 2018 being at such a low level, one would assume that this would have the attention of the boards of the respective organizations. However, only 51 percent of organizations indicated that regular board level reporting was being undertaken in respect of GDPR readiness, despite survey responses showing that 78 percent of organizations regard GDPR compliance as more important than other compliance programmes.
In terms of what organizations are actually doing to prepare for GDPR, 89 percent of respondents indicated that their organizations were involved in some form of data mapping or data flow activity. However, only 41 percent had a detailed GDPR compliance plan in place.
Although the survey results revealed that there are clear challenges which GDPR compliance is imposing on organizations, over three-quarters of organizations saw GDPR compliance as a positive initiative. Organizations cited reasons such as: helping them focus more clearly on the way in which data is used internally; becoming more transparent with individuals with regard to use of their data; and improving security within their organizations.