If you lack confidence in your GDPR plan, you’re not alone. Take the right steps to avoid penalties.

Welcome to the fourth installment in our blog series on the General Data Protection Regulation (GDPR), 5 Things to Know for 5/25. This week, we ask the question: how confident are you in your GDPR compliance plan?

GDPR Security Requirements

Requirements under GDPR have resulted in wholesale changes in how organizations handle the security and privacy of EU resident data. In the past, approaches like privacy by design or seeking express consent to use personal data were more “nice to have” items as opposed to necessities for many.

Now, organizations should bake those practices into their data collection and handling processes, which in turn causes many to re-learn or re-think the way they’ve done things for years. And that’s creating some uneasiness.

If you’re not totally confident you’ll be ready for compliance on the 5/25 deadline, know that you’re not alone.

2018 GDPR Preparedness Survey Results

In January and February 2018, Mimecast commissioned a survey of 800 IT decision makers across the globe to ask about GDPR preparedness and confidence. The results indicated many organizations are still working their way through GDPR compliance with varying levels of confidence as the deadline looms.

Of those surveyed, 60 percent said they aren’t completely confident their business will be GDPR compliant by 5/25. That’s only up 1 percent from the same survey question in 2017. In 2018, 48 percent claimed to be somewhat confident and 6 percent aren’t confident at all. 

When it came to preparedness for GDPR compliance, just 39 percent said they’d already implemented procedures to make their business compliant at the time of the survey, while 48 percent intended to do so in the next six months (which extends past the May 25 deadline). Twelve percent either had no timeframe or no plans to become compliant.

It should come as no surprise, amidst the varying degrees of preparedness for GDPR compliance, that most survey respondents have concerns about non-compliance. In fact, 67 percent of respondents are very or somewhat concerned about the implications of not being GDPR compliant.

Organizations holding EU resident data have reason to be concerned. Starting 5/25, in the event of a data breach, there could be financial penalties dependent on breach scale and severity.

Along with the financial loss, there’s the potential for reputational damage when you experience a data breach. This could lead to a loss of existing or potential customers, as your name could be associated with having subpar security or privacy standards.

Gain Confidence in your GDPR Plan Success

Chances are, you’ve at least started the process by identifying where your EU resident data lives, how it moves around your organization and how much of it is really needed. You’ll need to determine the best way to keep it secure from data breaches, make it portable in case of a Subject Access Request, and compile a plan for how to respond to an incident, including notification of the relevant authorities within the 72-hour window.

In addition, you need to identify the right team to handle your GDPR compliance needs with dedicated program management, enabling privacy professionals to take the necessary steps for compliance and assigning a Data Protection Officer to be accountable for what happens.

Taking these steps will put you on the right path and will help you build your confidence as GDPR goes into effect later this month.

Check back next week for the last installment in our 5 Things to Know for 5/25 blog series!
