GDPR Readiness: How Do You Stack Up?
Steven Minsky | August 16, 2018
The GDPR is the strictest set of data protection rules any nation has published, featuring some of the most severe penalties connected to data privacy seen yet. Now that the compliance deadline has passed, we started to wonder about GDPR readiness. How are companies stacking up to the new regulation?
We compiled a host of GDPR statistics to answer that exact question, alongside some quick facts about what this new regulation is asking of international companies. 92% of US-based multi-national companies view GDPR compliance as their top security priority for the next year, but only 30% of companies will be compliant within a year of the May 25th deadline.
Check out the following GDPR statistics to see how your organization’s GDPR readiness stacks up.
Companies are, quite understandably, anxious to ensure that they do not fall out of compliance with new data privacy laws. That’s why you see some companies willing to spend as much as $10 million on GDPR readiness.
We believe companies should be spending far less. The truth is, achieving compliance requires no new work. At some level, somewhere within the business, organizations know what data they’re collecting and what they’re using it for – which is a huge part of complying with the GDPR. It’s just a matter of surfacing this information and ensuring that corresponding policies, controls, and monitoring activities are in place.
Enterprise risk management is built on a foundation of organization-wide risk assessments. When you administer risk assessments to employees on the front lines, you might be surprised by the wealth of information they have to offer about the company’s data practices. Remember, IT can’t know everything; oftentimes, the information you need lies with Finance or Sales.
After you’ve collected information about your organization’s data practices and how they stack up to GDPR readiness, you can start building and improving your data privacy systems. ERM can assist you with many of the GDPR’s requirements; it’s just a matter of choosing the right ERM software.
When choosing software, use this checklist to decide whether it’s a good investment for GDPR readiness:
- Audit: Software can help you gain a clear understanding of where all of your data resides and bring this together into a single view
- Capture: Platform can help standardize your consent forms and capture the ensuing data in a compliant fashion
- Process: Framework can ensure sensitive information is properly encrypted
- Monitor: Dashboards can assist with monitoring your progress and set up automated alerts so you can act quickly if there are issues
- Customize: Software can be customized and configured to meet your company’s unique needs
With enough research, you’re sure to find an ERM platform that checks off all of these boxes and empowers you to achieve GDPR compliance without spending $10 million!