Businesses struggling to meet GDPR deadline

25th of May is almost knocking our door and many companies still playing catch up with the General Data Protection Regulation (GDPR). Reports in April indicated that IT managers across the U.S, UK, France, and Germany were still not transforming their business quickly enough to adapt to the GDPR.

7 Days to go until the GDPR comes into force

The GDPR has been announced two years ago, and organizations have lagged in preparing for GDPR compliance, in many cases not even acknowledging the issue. By doing these companies are ignoring the benefits they can gain from becoming compliant.

Improving data handling processes can take an initial investment but will ultimately lead to more secure and transparent policies.

The GDPR in a nutshell

  • Describes legal grounds for processing personal data.
  • Requires companies to establish personal data risk management, policies, and procedures.
  • Includes an obligation to notify the regulator of breaches.
  • Enhances data subject rights such as right to erasure, data portability, and the right of refusal, for example for direct marketing purposes.
  • Contains information obligation to data subjects.
  • Gives regulators investigation and sanctioning powers.

Failure to comply with the GDPR can cost companies 20 million euros or up to 4% of their annual revenue.

Learn what the GDPR is, with our GDPR in a nutshell Infographic.

Most businesses are not ready for GDPR

67% of global businesses think they may not meet the GDPR deadline. While the NetApp report indicates that most are working to alleviate concerns, it is clear that many companies won’t meet the 25th May deadline.

The same survey highlights a surprising skepticism towards the new regulation. According to the NetApp report:

  • 40% of U.S. businesses and 35% of global businesses think that GDPR could threaten their existence due to financial penalties
  • 52% of U.S. businesses and 50% of global businesses think that it could lead to reputational damage.
  • Only 52% of U.S. businesses and 39% of global businesses are confident that they know where their data is stored.
  • 63% of U.S. businesses continue to invest in private cloud services and ensure compliance with data protection.

 

The GDPR brings long-term benefits

Complying with the GDPR will increase efficiency and make businesses more trustworthy.

Having data protection processes in place, and giving more power to users, will have a long term positive impact. Being GDPR compliant will increase trust among your clients and employees.

It’s possible that companies are not rushing towards compliance, due to uncertainty about how it will be enforced and its impact.

Only after May will we know how strict regulators will be when applying fines to companies that are not following the GDPR.

However, a “wait and see” approach could become a costly mistake. If your company or organization deals with personal data make sure you have the right processes in place.

Businesses searching for compliance in the cloud

Changing how your business processes data can involve some hefty costs, however, working with cloud solutions you trust can help make the process easier.

Cloud usage has been increasing, and companies are more reliant on cloud solutions. Using a compliant cloud platform is already a significant step in the right direction.

A GDPR Ready cloud solution can be extremely helpful if you want to guarantee the privacy of your data and need to share it on daily basis.

If your company is located in Europe it’s possible you are looking for exclusive cloud storage in Europe.

Skepticism over U.S companies such as Microsoft and Dropbox is growing. The recently approved CLOUD Act directly counteracts the GDPR and raises more questions about privacy.

It’s still uncertain what the true impact of the GDPR will be after May 25th. However, make sure you are doing as much as possible to become compliant. Start with evaluating what cloud solutions does your company use and whether they are GDPR compliant.

Sources: FT Adviser, Computer Weekly , Security Brief

Leave a Reply

Your email address will not be published. Required fields are marked *