90% of businesses think it's too hard to delete customer data

Enterprises struggle ahead of GDPR rules

Symantec has revealed that the majority of businesses are underprepared for the EU's General Data Protection Regulation (GDPR) coming into effect in 2018, leaving them open to hefty fines should their practices not adhere to the stricter rules.

The security firm's research revealed that 90% of businesses think it will be hard for them to delete customer data of they receive a request and only 40% of companies have a system in place that allows them to do so.

Advertisement - Article continues below

More concerning is that 35% of business and IT decision makers don't think their company takes an ethical approach to securing and protecting customer data.

"These findings show businesses are not only underprepared for the GDPR they are underpreparing," said Kevin Isaac, senior vice president of Symantec. "There is a significant disconnect between how important privacy and security is for consumers, and its priority for businesses. The good news is there's still time to remedy the situation if firms take immediate action."

The biggest challenge businesses face is not having the knowledge in-house to be able to deal with the changes. A total 96% of companies don't understand the GDPR, while 91% don't think they will be able to meet the demands of it.

Advertisement - Article continues below

"Whether companies will successfully navigate the GDPR regulation hinges on their willingness to embrace privacy by design," Peter Gooch, cyber risk partner at Deloitte, said. "They must also understand that good security and privacy processes can provide a substantial competitive advantage and be a driver in gaining consumer trust, in addition to being driven by regulatory requirements."

Advertisement - Article continues below

In fact, only 22% have made complying with the European security demands a priority over the next two years, meaning it's likely to be put on the backburner for a lot of companies.

"Businesses should recognise that privacy, security and compliance with GDPR are extremely important brand differentiators," said Isaac. "Businesses' response to the GDPR should become a core element of organisational design and culture. Adopting a fragmented, piecemeal approach as part of a tick box exercise will create more problems than it solves."

Symantec's report revealed that consumers have a very different approach to GDPR, finding that 88% of European consumers think data security is the most important factor when choosing a company and 86% think the protection of their data is more important than the product quality.

While the GDPR may no longer apply to the UK directly following Brexit, the UK is likely to devise its own, similar, rules in order to continue trade with the EU.

Featured Resources

Top 5 challenges of migrating applications to the cloud

Explore how VMware Cloud on AWS helps to address common cloud migration challenges

Download now

3 reasons why now is the time to rethink your network

Changing requirements call for new solutions

Download now

All-flash buyer’s guide

Tips for evaluating Solid-State Arrays

Download now

Enabling enterprise machine and deep learning with intelligent storage

The power of AI can only be realised through efficient and performant delivery of data

Download now



UK government may trace COVID-19 patients using mobile phone data

20 Mar 2020
General Data Protection Regulation (GDPR)

Irish data regulator racks up GDPR cases against Big Tech

24 Feb 2020
data management

EU-US data transfer tools used by Facebook ruled legal

19 Dec 2019

Arcserve UDP 9240DR review: Beef up your backups

4 Apr 2019

Most Popular

Server & storage

HPE warns of 'critical' bug that destroys SSDs after 40,000 hours

26 Mar 2020
Mobile Phones

Apple lifts iPhone purchase restrictions

23 Mar 2020
Microsoft Windows

Microsoft puts Windows development on lockdown

25 Mar 2020

These are the companies offering free software during the coronavirus crisis

25 Mar 2020