The survey for this white paper was conducted with mid-sized and large organizations that are already subject to privacy laws and that store and process data for residents of the EU – i.e., organizations that will be subject to the GDPR. However, we found that most organizations are not ready to satisfy the compliance obligations of the GDPR, as shown in Figure 1.
Organizational Confidence in the Ability to Meet Key Requirements of the GDPR
Source: Osterman Research, Inc.
Moreover, the research found that only 29 percent of organizations believe that their organizational and technical approaches to data protection today are “mature”, and only 38 percent of organizations had allocated budget in 2016 to achieve compliance with the GDPR.