Half of companies missed GDPR deadline, 70% admit systems won’t scale

by GDPR Associates | 17th May 2019 2:15 pm

Even if given two years notice to achieve GDPR compliance, only half of companies self-reported as compliant by May 25, 2018, a DataGrail survey reveals.

“The Age of Privacy: The Cost of Continuous Compliance” report benchmarks the operational impact of the European General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), as well as sharing insights into lessons learned and attitudes toward privacy regulations.

DataGrail surveyed more than 300 U.S. privacy management decision makers; including IT, operations, security, legal, and risk and compliance professionals.

“Businesses without a European presence were not impacted by the GDPR. However, with the CCPA fast approaching, US businesses without GDPR are experiencing the same challenges that multinational companies did with GDPR,” said Daniel Barber, Co-founder & CEO, DataGrail.

“Most companies reported taking at least seven months to achieve GDPR readiness, but now with CCPA only seven months away, they realize their systems will not support CCPA and other forthcoming privacy regulations. Companies will need to integrate and operationalize their privacy management to avoid the time-consuming and error-prone manual processes to comply with these regulations.”

GDPR compliance took longer than expected

Even GDPR readiness is costly

Privacy rights requests are time-consuming and error-prone

CCPA compliance programs face the same challenges as GDPR programs

Companies will be challenged by the future of privacy regulations

“It is evident from this research that most companies still rely on piecemeal technology solutions and manual processes, when they should be turning to privacy management solutions purpose-built for privacy regulations,” said Barber.

“As companies turn their attention from GDPR to CCPA[1] and beyond, they must operationalize sustained compliance to reduce risk, provide transparency for their customers, and control operational costs.”

The original article (and image) was originally posted here:
https://www.helpnetsecurity.com/2019/05/17/missed-gdpr-deadline/[2]

Endnotes:
  1. GDPR to CCPA: https://www.helpnetsecurity.com/2018/07/31/achieving-compliance/
  2. https://www.helpnetsecurity.com/2019/05/17/missed-gdpr-deadline/: https://www.helpnetsecurity.com/2019/05/17/missed-gdpr-deadline/

Source URL: https://www.gdpr.associates/half-of-companies-missed-gdpr-deadline-70-admit-systems-wont-scale/