Following the EU’s May 25 deadline, Dimensional Research conducted a survey, sponsored by TrustArc, one month later that gauged GDPR compliance among companies in the US, UK, and EU.

According to a press release on the report, only 20% of companies said they believed their company was currently compliant, even though the deadline for compliance has long since passed.. Some 27% reported that they had not even begun the process yet. However, 53% of companies reported that they were currently in the implementation phase for GDPR compliance.

SEE: Getting ready for GDPR: An IT leader’s guide (Tech Pro Research)

The report found that EU companies are slightly ahead of their US and UK counterparts, with 27% compliance compared to 12% in the US and 21% in the UK.

Though some companies have a long way to go, the report found that the number of companies that have begun or completed GDPR compliance increased from 38% to 66% in the US and 37% to 73% in the UK between the summer of 2017 and now.

The timeline for compliance varies. The report found that 74% of companies plan to be compliant by the end of 2018, and 93% reported that they expected to be compliant by the end of 2019.

The GDPR implementation process is a costly one. According to the report, 27% of companies spent over a half million dollars to become GDPR compliant. Some 25% of US companies spent over $1 million each on compliance, whereas only 10% of UK companies and 7% of EU companies spent this same amount. Roughly 31% of companies plan to spend over half a million dollars on compliance for the remainder of 2018.

Additionally, the report found that customer satisfaction was the main driver for companies to become compliant (57%), not fines (39%). The complexity of GDPR posed the biggest challenge for companies.

Although achieving GDPR compliance is a challenge, the report found that 65% of respondents believed it would have a positive impact on their businesses. Only 15% saw the change as negative.

The big takeaways for tech leaders:

  • GDPR compliance doesn’t happen overnight. Only 20% of companies believe they meet GDPR standards despite the deadline passing some time ago.
  • Despite challenges in implementing GDPR, 65% of respondents believe it is a positive change for their businesses.