Security

Only 36% of firms will be fully compliant with GDPR by its deadline

According to an IBM survey, 60% of companies are using GDPR as a jumping off point to improve privacy, security, and data management.

At the time of this writing, the deadline for compliance with the EU's General Data Protection Regulation (GDPR) is only nine days away—May 25, 2018. Despite the fast-approaching deadline, only 36% of company leaders believe they'll be fully compliant by that time, according to a recent IBM report.

This doesn't mean that these organizations aren't embracing GDPR—they're just not able to do it quickly enough. And some are looking to the coming regulation as a catalyst for cleaning house: 60% said they're using it as a jumping off point for improving privacy, security, and data management, or as a means for creating a new business model.

A separate Harris Poll study, on behalf of IBM, found that only roughly 20% of US consumers trust organizations to maintain their data privacy.

But in IBM's recent study, 84% of business leaders said they thought proof of GDPR compliance would be a "positive differentiator" to the public.

SEE: Getting ready for the GDPR: An IT leader's guide (Tech Pro Research)

Additionally, 76% said GDPR will help build trusted relationships and offer new business opportunities, according to the study.

"The onset of GDPR also comes during a time of huge distrust among consumers toward businesses ability to protect their personal data," Cindy Compert, CTO of data security and privacy for IBM Security, said in the report. "These factors together have created a perfect storm for companies to rethink their approach to data responsibility and begin to restore the trust needed in today's data-driven economy."

So, what are companies doing in response to GDPR? According to the report, 80% are cutting the amount of personal data they store, 78% are limiting the number of employees with access to personal data, and 70% are getting rid of unneeded data.

Of course, finding the impacted data and making sure it meets the regulation is the hardest part of GDPR compliance. But some companies are hitting it full-on, with 22% of firms using GDPR "as a fully transformational business opportunity for how they approach data responsibility and management."

Of that aforementioned 22%, some 93% have altered their incident response plan to meet GDPR requirements, and 79% are prepared to perform data discovery and verify the accuracy of the data they have. Additionally, some 74% have engaged with security by design principles for their newest products and services, the report said.

Building a slide deck, pitch, or presentation? Here are the big takeaways:
  • Only 36% of company leaders believe their organization will be fully compliant with GDPR by its May 25, 2018 deadline. — IBM, 2018
  • In response to GDPR, 80% of firms are cutting down on the amount of personal data they store, and 78% are limiting the number of people with access to that data. — IBM, 2018

Also see

gdprdata.jpg
Image: iStockphoto/mixmagic

About Conner Forrest

Conner Forrest is a Senior Editor for TechRepublic. He covers enterprise technology and is interested in the convergence of tech and culture.

Editor's Picks

Free Newsletters, In your Inbox