Key findings from a survey conducted by Dimensional Research highlight that only 20% of companies surveyed believe they are GDPR compliant, while 53% are in the implementation phase and 27% have not yet started their implementation [Editorial Comment: Not to worry; most Country Regulators are not ready either!].
EU (excluding UK) companies are further along, with 27% reporting they are compliant, versus 12% in the US and 21% in the UK. While many companies have significant work to do, 74% expect to be compliant by the end of 2018 and 93% by the end of 2019.
While many companies still have a long way to go, a comparison to August 2017 research shows significant progress in the past ten months. The number of companies whose GDPR implementation is under way or completed increased from 38% to 66% in the US and from 37% to 73% in the UK.
The cost of compliance is high
- 27% of companies spent over half a million dollars each to become GDPR compliant
- 31% of companies plan to spend over half a million dollars each on GDPR compliance efforts between June and December 2018
- 18% of US companies spent over 1 million dollars each on compliance versus 8% for UK and 8% for EU companies.
Most companies are positive about GDPR
Despite difficulties in becoming GDPR compliant, 65% view GDPR as having a positive impact on their business. Only 15% view the GDPR as having a negative impact on their business
Customer expectations and complexity top GDPR drivers
- Meeting customer expectations (57%) was the main driver to become compliant, significantly higher than concern for fines (39%)
- Complexity of GDPR posed the biggest challenge to comply.
GDPR will continue to drive privacy investments
- 87% indicate that data privacy will become more important at their companies post the GDPR deadline
- 80% of companies plan to increase their spending on GDPR technology and tools to maintain compliance.
Source: Cyber Security Intelligence
You Might Also Read: Information Wars: How Europe Became the Worlds Data Police