The EU’s General Data Protection Regulation (GDPR) was enforced on May 25, 2018, but according to Top Corporate Data Protection Challenges, a CGOC survey of 132 compliance officers from organizations around the world and across multiple industries, only 6 percent of respondents felt their organizations were currently compliant with the impending regulation. Most organizations were concerned about their poor data disposal practices and their ability to demonstrate compliance.
This is surprising news given the amount of attention the regulation has received over the last couple of years. Organizations that have yet to begin a GDPR-readiness program are likely to face an even bigger surprise next year as they scramble through a more painful, disruptive and costly effort.
For years before the passage of the GDPR, we provided advice and resources to help organizations adhere to the European Data Protection Directive. However, the Directive created only a minimum standard and the response has been all over the map. Many countries implemented higher and different standards, leading to confusion, while some organizations have elected to risk incurring fines rather than invest in compliance. The GDPR now harmonizes all of the data protection laws in the EU to protect the personal information of its citizens and residents – and with that will likely come more consistent enforcement and penalties.
GDPR readiness compels organizations to know the type, value, and location of the information they store, and to delete, change or provide information as required by the regulation. The regular and automatic defensible disposal of information that has no legal, regulatory or business value is also important and can significantly reduce the burden on information asset managers to remain GDPR-compliant.
These activities are all part of the comprehensive and unified governance program that the CGOC has advocated for years. Such a program ensures the involvement of all information stakeholders, provides a single, centralized view of all information across the enterprise, and automates critical processes such as defensible disposal.
As companies realize they are behind on the next data regulation, they can count on the CGOC as a helpful resource for implementing information governance strategies and practices, including the Information Governance Process Maturity Model.
Key findings of the survey include:
Download the GDPR resource guide to discover how a Unified Governance program can create the foundation for successful GDPR compliance, while enabling improved business insight, increased productivity, and reduced cost and risk. Start your compliance journey today!