A study from Veritas Technologies, a leader in multi-cloud data management with its UK headquarters in Reading, has found that organisations across the globe mistakenly believe they are in compliance with the upcoming General Data Protection Regulation (GDPR).
According to findings from The Veritas 2017 GDPR Report, almost one-third (31%) of respondents said that their enterprise already conforms to the legislation’s key requirements. However, when those same respondents were asked about specific GDPR provisions, most provided answers that show they are unlikely to be in compliance. In fact, upon closer inspection, only 2% actually appear to be in compliance, revealing a distinct misunderstanding over regulation readiness.
“With the EU’s General Data Protection Regulations (GDPR) less than one year away, organisations around the world are deeply concerned about the impact that information non-compliance can have on their brand and loyalty of their customers,” said Jason Tooley, vice-president, northern Europe, Veritas.
The findings from the report show that almost half (48%) of organisations who stated they are compliant do not have full visibility over personal data loss incidents. Moreover, 61% of the same group admitted that it is difficult for their organisation to identify and report a personal data breach within 72 hours of awareness – a mandatory GDPR requirement where there is a risk to data subjects. Any organisation that is unable to report the loss or theft of personal data – such as medical records, email addresses and passwords – to the supervisory body within this timeframe is breaking with this key requirement.
The findings in this report suggest that organisations that think they are already compliant with the GDPR should revisit their compliance strategies. Failure to meet GDPR requirements could attract a fine of up to 4% of global annual turnover or €20 million, whichever is greater.
Tooley added: “The results today show that more education is needed on the tools, processes and policies to support information governance strategies that are required to comply with the GDPR requirements. Creating an automated, classification-based, policy-driven approach to GDPR is key to success and will enable organisations to accelerate their ability to meet the regulatory demands within the short timeframes available.”
As interest in the awards remains high, we’ve decided to extend the time left to…
Welcome to the third episode of The Business Magazine Property Podcast, in partnership with MSP…
Farnborough-based Gama Aviation has announced a tie up with Australian outfit Department 13 to mitigate…
Heathrow Airport has reported record-breaking passenger numbers for the first quarter of 2024, A total…
Liquid biopsy company ANGLE has signed a supplier agreement with AstraZeneca. The Guildford firm has…
Thames Valley law firm Blandy & Blandy, which has offices in Reading, Henley-on-Thames and Wokingham,…