Are businesses ready for GDPR?

Although companies have been given around 2 years in which to comply, it appears that many organisations are still struggling to meet the requirements of the upcoming General Data Protection Regulation (GDPR).

Impossible to be fully compliant?

Several surveys seem to indicate that companies are behind with their preparations and will not be GDPR ready by the deadline. A 2016 SonicWall survey polled 821 IT professionals across the globe with 80% revealing that they knew little about GDPR. A massive 97% didn’t even have a plan in place. Similarly, a 2016 Symantec survey across 900 businesses in UK, France and Germany found 96% didn’t fully understand the regulation. 23% said their organisation would not be fully compliant by the go-live date of 25th May 2018. 20% believed it impossible to be fully compliant by the deadline.


38% still unaware

According to SonicWall, companies felt more comfortable with impending rules on e-mail security but much less so when it came to document access. To be GDPR ready, companies must create procedures that limit who can access shared files hosted on platforms like Dropbox or Sharepoint. The UK picture doesn’t look particularly rosy based on a new survey from Identity Methods. They reported that less than 15% of UK organisations are ready for GDPR, with 38% still not aware of the new rules. Even fewer (4%) have planned their compliance. A 2016 Baker McKenzie report suggested, “45% of businesses either do not have the tools to ensure their organisation complies with the main requirements under the GDPR, or could only obtain such tools at significant cost”.


Time to take ownership

Companies need to understand that GDPR isn’t a set of guidelines for best practice, it’s a new set of laws. Certainly, the laws shouldn’t be a surprise for marketers who will appreciate use of customer data has been a hot topic for years compounded by the advent of social media, cloud computing and IoT. It’s surprising therefore that the Chartered Institute of Marketing announced “only 5% of marketers fully understand what the GDPR means for their business and 50% say they don’t really understand it at all, or [literally] don’t know.” Taking ownership, whether it’s marketing, IT or finance, needs to happen at board level if businesses want to meet the challenge of GDPR compliancy.