According to a new study, more than half of organizations are behind in the preparation to meet EU General Data Protection Regulation (GDPR) compliance.
The research, conducted by Veritas Technologies, included responses from over 2,500 senior technology decision-makers in 2016 across Europe, the U.S., Asia-Pacific, the Middle East and Africa.
The findings revealed 54 percent of survey respondents said their organizations have not advanced their GDPR compliance readiness. Furthermore, respondents cited confusion over executive ownership of the regulation’s adherence and compliance.
Nearly one-third (32 percent) of survey respondents believe the Chief Information Officer should be responsible, while 21 percent said the same for the Chief Information Security Officer, 14 percent for the Chief Executive Officer and 10 percent for the Chief Data Officer.
“With a quarter of the EU’s grace period over before the legislation takes effect in May 2018, the responses bring into focus a number of operational, compliance and planning issues, in particular, the ownership of GDPR processes and the ability to implement data cleansing policies and end of life requirements,” said Veritas in a press release.
In addition, approximately 35 percent of those surveyed indicated fragmentation of data and loss of visibility as their biggest concern. Specifically, respondents identified the rise of unmanaged cloud-based file storage and consumer file-sharing in the enterprise as potential future compliance issues.
Mike Palmer, Executive Vice President and Chief Product Officer at Veritas, added:
“GDPR is the most significant change to data protection in a generation and an imminent global issue that will dominate data privacy, management and regulation discussions in 2017.”
“To avoid potential regulatory fines or worse, damage to their corporate brands and reputations, global enterprises must take action now to understand where their data resides and how to protect it,” said Palmer.
Other key findings from the survey included:
- 31 percent of respondents are concerned about reputational damage to their organizations from poor data policies
- Nearly 40 percent are fearful of a major compliance failing within their organization
- 52 percent of respondents are concerned about the threat of data loss from the business
- 40 percent of respondents also cited employees mishandling data as a concern