Majority of businesses still at risk of GDPR non-compliance
More than a third of businesses would struggle to find customer data if regulators asked where it resides
Businesses are still failing to prepare for the introduction of the General Data Protection Regulationin 2018, with only 38% of companies having any sort of plan that will protect their position when it comes into force, according toa report by Compuware.
However, two thirds of businesses said they are well-briefed on the GDPR and the impact it's likely to have on their business, which is an increase of 55% compared to the same point last year.
Compuware's report uncovered that US businesses are much better prepared than UK firms. 60% of companies over the pond have a detailed plan in place for dealing with the European customers' data, while only 19% of UK-based organisations described their preparation as 'detailed.'
"Businesses are clearly heading in the right direction on GDPR compliance, but there is still a long way to go in a very short timeframe," said Dr Elizabeth Maxwell, PDP, Technical Director, EMEA, Compuware.
"UK businesses may be behind due to initial uncertainty over the impact of Brexit," she added. "But any organisation doing business in Europe will need to fall into line by the May 2018 deadline. Failure to comply could lead to devastating consequences should a data breach occur, something all too common given the growth of cybercrime and insider threats."
The biggest barriers to companies developing a clear plan of action were data complexity and understanding what the regulations mean. Three quarters of businesses said the complexity of modern IT is making it too confusing to know where their customer data is. Only half said they know where all their customer data lives within their network and more than a third said they'd struggle to find the data if regulators asked for it.
"It will be impossible to comply with the GDPR's Right to be Forgotten if organisations can't find customer data," continued Maxwell.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
"Due to its security and scalability, most large organisations store most of their customer data on the mainframe," she said. "This data usually resides in a complex rabbit warren of databases spanning multiple systems, and organisations use manual, time-consuming methods to find and extract it. Businesses need an automated way to map and visualise data relationships, so they can quickly find the specific and relevant data and delete it, without needing specialist skills."
Clare is the founder of Blue Cactus Digital, a digital marketing company that helps ethical and sustainability-focused businesses grow their customer base.
Prior to becoming a marketer, Clare was a journalist, working at a range of mobile device-focused outlets including Know Your Mobile before moving into freelance life.
As a freelance writer, she drew on her expertise in mobility to write features and guides for ITPro, as well as regularly writing news stories on a wide range of topics.