Majority of businesses still at risk of GDPR non-compliance
More than a third of businesses would struggle to find customer data if regulators asked where it resides
Businesses are still failing to prepare for the introduction of the General Data Protection Regulationin 2018, with only 38% of companies having any sort of plan that will protect their position when it comes into force, according toa report by Compuware.
However, two thirds of businesses said they are well-briefed on the GDPR and the impact it's likely to have on their business, which is an increase of 55% compared to the same point last year.
Compuware's report uncovered that US businesses are much better prepared than UK firms. 60% of companies over the pond have a detailed plan in place for dealing with the European customers' data, while only 19% of UK-based organisations described their preparation as 'detailed.'
"Businesses are clearly heading in the right direction on GDPR compliance, but there is still a long way to go in a very short timeframe," said Dr Elizabeth Maxwell, PDP, Technical Director, EMEA, Compuware.
"UK businesses may be behind due to initial uncertainty over the impact of Brexit," she added. "But any organisation doing business in Europe will need to fall into line by the May 2018 deadline. Failure to comply could lead to devastating consequences should a data breach occur, something all too common given the growth of cybercrime and insider threats."
The biggest barriers to companies developing a clear plan of action were data complexity and understanding what the regulations mean. Three quarters of businesses said the complexity of modern IT is making it too confusing to know where their customer data is. Only half said they know where all their customer data lives within their network and more than a third said they'd struggle to find the data if regulators asked for it.
"It will be impossible to comply with the GDPR's Right to be Forgotten if organisations can't find customer data," continued Maxwell.
"Due to its security and scalability, most large organisations store most of their customer data on the mainframe," she said. "This data usually resides in a complex rabbit warren of databases spanning multiple systems, and organisations use manual, time-consuming methods to find and extract it. Businesses need an automated way to map and visualise data relationships, so they can quickly find the specific and relevant data and delete it, without needing specialist skills."
What you need to know about migrating to SAP S/4HANA
Factors to assess how and when to begin migrationDownload now
Your enterprise cloud solutions guide
Infrastructure designed to meet your company's IT needs for next-generation cloud applicationsDownload now
Testing for compliance just became easier
How you can use technology to ensure compliance in your organisationDownload now
Best practices for implementing security awareness training
How to develop a security awareness programme that will actually change behaviourDownload now