General Data Protection Regulation (GDPR) Survey Findings and Infographic

The General Data Protection Regulation (GDPR) is a regulation that aims to put EU residents in control of their personal information, and it comes into effect throughout the European Union (EU) by 25 May 2018. GDPR will regulate how personal information about EU residents is collected, stored, used, processed, transferred, and deleted by an organization. Non-compliance can result in fines of up to 4% of the company’s global annual turnover or €20 million, whichever is higher.

Solix has conducted an online survey on GDPR readiness with IT professionals at over 100 companies, and here are our key findings:

  • 66% of organizations are unsure if an individual’s personal information is purged from all systems, forever.
  • 22% of organizations are unaware that they must comply with GDPR even if they are based outside of the European Union (EU) but hold data of EU citizens.
  • 38% of organizations say that all their personal data under the new GDPR rules is not protected from misuse and unauthorized access at every stage in its lifecycle. More than half (64%) of organizations do not have a Data Protection Officer (DPO).
  • While 82% of organizations say they know where their sensitive data is stored, only 55% maintain audit trails for data consents, collections, updates, and deletion.
  • 53% of organizations are not confident that processing of all personal data is based on explicit permission provided by the individual.
  • 65% of organizations are not confident that their GDPR data will stay within the EU.

For companies seeking an in-depth GDPR readiness assessment including overall enterprise data management, data collection, access, usage, processing, retention, protection and deletion, Solix offers an onsite “phase zero” consulting engagement designed to establish scope, objectives and approach for GDPR readiness. It provides risk and remediation-focused insights, and actionable guidance for your data policies, procedures and practices. This deep dive into your organization’s data environment will provide an action plan to not only address GDPR, but also strengthen your overall information governance approach.

According to the April 2017 Forrester report, The Five Milestones to GDPR Success, “Shockingly, half of organizations across the EU and the US are unaware of the new European General Data Protection Regulation (GDPR). All firms providing services or products to European markets and/or those collecting data from European residents must prepare now.”

“Based on our survey data, it’s clear that the majority of organizations are not currently prepared to meet GDPR requirements,” said John Ottman, Executive Chairman of Solix Technologies, Inc. “There is an urgency to take steps now as the enforcement deadline quickly approaches and applies to anyone who is currently operating with EU customers.”