Most businesses to comply with GDPR post-launch

GDPR is here but businesses aren't. That's the word from new data which indicates that despite the long lead-up to the EU's new privacy laws going into effect, many businesses are still not ready.

The EU's GDPR regulations are in effect, starting today, but most businesses (64%) in a recent poll report they'll implement their compliance after the launch. This comes despite the fact that most (68%) US businesses surveyed say GDPR does apply to them. and that they do 'find value' in the GDPR regulations.

"GDPR compliance is like purchasing life insurance - it may not provide a lot of value in the near-term, but it does mitigate risk. When companies find ways to handle personal data with increased sensitivity, they reduce their exposure to negative events like breaches or leaks," said Rick Kelly Senior Vice President of Products & Research, Fuel Cycle.

"The quest for consumer data is the gold rush of the 21st century and GDPR is welcome first step to keep everyone honest. It does not only give the consumer control over its data, but also brings much needed transparency to the insights cycle, allowing the consumer to understand how the data he provides helps the company provide better services and products," said Marin Sarbulescu, Vice President of Research & Development, Fuel Cycle.

For the poll, researchers with Fuel Cycle polled nearly 500 executives in IT, Healthcare, Finance, Retail, and Media fields. Though most find value in the regulations, just over half (54%) said they don't think the regulations actually apply to their field. Nearly two-thirds say GDPR compliance is a priority for their business.

Cost seems to be a factor for many who are as yet unprepared for the new regulations. Which about half of those polled saying they don't feel as if GDPR applies to them, it's hard to put forth the money to prepare. But, for Sarbulescu, the costs outweighs the benefits.

"There is hardly any escape from GDPR, it affects everyone across the board one way or another, especially B2C. As long as you collect consumer data, you need to be GDPR compliant. Every business is different but two requirements tend to apply everywhere: enable the consumer to obtain all its data and to permanently delete it if so desired," said Sarbulescu. "These two requirements are nothing new. Lots of companies have been doing it one way or another - see Google's Right To Be Forgotten - GDPR just frames it as law. The price of implementation is not as high as some might think but the price of not being compliant can be huge."




Tweet