One Year Before GDPR, How Prepared Are Companies?

We're only a year away from new EU regulations on how companies can use user data. Is your company ready for the change?

In May 2016, companies were just starting to think about how the EU General Data Protection Regulation (GDPR) would affect them two years later. Today, we’re about 12 months out from when the new regulations will come into effect.

Designed to replace the previous EU data protection directive (Directive 95/46/EC), the GDPR brings together various EU data protection laws that determine how companies across the globe use, manage and delete EU citizens’ personally identifiable information (PII).

But how prepared are companies for this? A press release promoting new Compuware-commissioned research from Vanson Bourne suggests companies still have work to do:

  • 88 percent of U.S. companies say they are well-briefed on GDPR. Still, 90 percent are concerned about their ability to use customer data within new compliance rules. Only 67 percent of EU businesses are well-briefed.
  • Only 38 percent of all respondents have a comprehensive plan in place for how they will comply with GDPR, leaving the majority at risk for non-compliance fines.
  • Three-quarters of organizations are likely to struggle with the GDPR’s “Right to be Forgotten” mandate, as IT complexity means they are uncertain as to where all customer data resides.

Amidst the race to patch together a plan for GDPR compliance in the next year, companies will also face significant compliance hurdles. The biggest areas of concern for U.S. businesses are as follows:

  • Design and implementation of internal processes (65 percent).
  • Securing customer consent to use their personal data and handling the process of data withdrawal if requested by the customer (64 percent).
  • Ensuring data quality (52 percent).
  • The cost of implementation (43 percent).
  • Data complexity (41 percent).

How to Prepare

Despite the impact the GDPR will have on companies, whether they exist in the EU, U.S. or elsewhere, most are still unprepared for the regulation. With one year left, there is much work to be done to avoid noncompliance penalties: heavy fines or four percent of annual worldwide turnover, whichever is greater. Preparation for the new mandates must be moved to the forefront of companies’ strategic objectives for 2017.

For help creating a compliance plan, read Compuware’s white paper “Unprepared for GDPR? A Research Report on the State of Enterprise Readiness for the EU’s New PII Mandates,” available in English, French, and German. You will learn more about the challenges and implications of non-compliance, and what your company can do to ensure it’s prepared for next May.

Topics:
security, security compliance, gdpr

Published at DZone with permission of Mike Siemasz, DZone MVB. See the original article here.

Opinions expressed by DZone contributors are their own.