New research from TrustArc revealed that, though companies are prioritizing GDPR compliance, some 53% are still in the implementation phase.
Following the EU's May 25 deadline, Dimensional Research conducted a survey, sponsored by TrustArc, one month later that gauged GDPR compliance among companies in the US, UK, and EU.
According to a press release on the report, only 20% of companies said they believed their company was currently compliant, even though the deadline for compliance has long since passed.. Some 27% reported that they had not even begun the process yet. However, 53% of companies reported that they were currently in the implementation phase for GDPR compliance.
SEE: Getting ready for GDPR: An IT leader's guide (Tech Pro Research)
The report found that EU companies are slightly ahead of their US and UK counterparts, with 27% compliance compared to 12% in the US and 21% in the UK.
Though some companies have a long way to go, the report found that the number of companies that have begun or completed GDPR compliance increased from 38% to 66% in the US and 37% to 73% in the UK between the summer of 2017 and now.
The timeline for compliance varies. The report found that 74% of companies plan to be compliant by the end of 2018, and 93% reported that they expected to be compliant by the end of 2019.
The GDPR implementation process is a costly one. According to the report, 27% of companies spent over a half million dollars to become GDPR compliant. Some 25% of US companies spent over $1 million each on compliance, whereas only 10% of UK companies and 7% of EU companies spent this same amount. Roughly 31% of companies plan to spend over half a million dollars on compliance for the remainder of 2018.
Additionally, the report found that customer satisfaction was the main driver for companies to become compliant (57%), not fines (39%). The complexity of GDPR posed the biggest challenge for companies.
Although achieving GDPR compliance is a challenge, the report found that 65% of respondents believed it would have a positive impact on their businesses. Only 15% saw the change as negative.
The big takeaways for tech leaders:
- GDPR compliance doesn't happen overnight. Only 20% of companies believe they meet GDPR standards despite the deadline passing some time ago.
- Despite challenges in implementing GDPR, 65% of respondents believe it is a positive change for their businesses.
- IT pro's guide to GDPR compliance (free PDF) (TechRepublic)
- What is GDPR? Everything you need to know about the new general data protection regulations (ZDNet)
- GDPR: A cheat sheet (TechRepublic)
- GDPR compliant? Here's a handy five-step preparation checklist (ZDNet)
- Top 5: Things you should know about GDPR (TechRepublic)