IT decision makers face uncertainties in how employee data is managed and if it follows GDPR guidelines, the new study found.
IT decision makers are generally less than confident that employee personal data is being properly managed at their organization, according to a new study from Osterman Research and ZL Technologies.
Most companies process different types of employee personal data, including emails and HR records, but the study found employee concerns and a lack of policies to secure and manage that data.
Out of 258 US business leaders at organizations of 2,000 employees or more, only 23% said they were very confident in the privacy of their personal data.
SEE: Security awareness and training policy (Tech Pro Research)
Employees at 65% of the respondents' organizations had raised concerns about how the business may be able to access and use personal data created on employee devices. Around 60% of businesses had unmanaged personal data in semi-private spaces like file shares, the study found.
The study also found issues with organizations' abilities to comply with GDPR, which takes effect across the European Union in May 2018. Currently, just 19% of respondents said they are very confident their business could find and correct employee data to meet the guidelines.
While the respondents all worked at US companies, any firm doing business in an EU country will need to comply—and seem to be doing so. Organizations with EU customers were more likely to correctly manage personal data, the study found.
"In the US, we have not been sensitized to protecting the privacy of personal data," Kon Leong, CEO of ZL Technologies, said in the press release. "Only now with GDPR on the horizon are organizations beginning to take note of this vital issue. As analytics and information technologies both make major strides and as new regulations push boundaries, it's crucial that we rethink how we handle privacy going forward."
The findings may prompt business leaders to examine and reconsider any IT policies they have in place, especially if those policies involve any employee personal data. Explaining the policies and taking employee concerns and questions may also help put everyone on the same page and reassure workers that their data is private.
Want to use this information in your next presentation? Feel free to copy and paste these statistics:
- 23% of US business leaders say they're very confident their personal data is properly managed. -ZL Technologies and Osterman Research, 2017
- 60% of business leaders said their organization had unmanaged personal data in semi-private collaboration spaces, like file-sharing areas. -ZL Technologies and Osterman Research, 2017
- Employees at 65% of organizations had raised concerns about how the business may be able to access and use personal data on their devices. -ZL Technologies and Osterman Research, 2017
- Why your company needs clear security policies: A cautionary tale (TechRepublic)
- Encryption Policy (Tech Pro Research)
- Security: Making yourself a hard target for hackers is easier than you think (ZDNet)
- BYOD (bring-your-own-device) policy (Tech Pro Research)
- Gmail ups security for business executives and privacy-conscious professionals with new feature (TechRepublic)
- Password-sharing politicians prompt security row (ZDNet)
- 54% of security experts anticipate a successful cyberattack on their enterprise within the year (TechRepublic)