Majority of businesses not yet GDPR compliant

Robert Scammell 26 April 2018 (Last Updated April 26th, 2018 17:16)

A survey by data analytics company SAS has found that 93% of businesses are not yet completely General Data Protection Regulation (GDPR) compliant.

Majority of businesses not yet GDPR compliant
The GDPR aims to give EU citizens greater control over their personal data.

A survey by data analytics company SAS has found that 93% of businesses are not yet completely General Data Protection Regulation (GDPR) compliant.

The GDPR is the biggest overhaul of data protection regulations in decades, giving EU residents greater control over how companies handle their data, such as the right to be forgotten.

Companies found to be in breach of the GDPR will be liable to fines of up to up to €20m, or 4% annual global turnover, whichever is higher.

The survey found that the EU, UK and Ireland are more likely to meet the 25 May deadline than the US, with 53% of EU companies and 54% of UK and Irish organisations expecting to meet the deadline in comparison with just 30% of US companies.

Globally, less than half (49%) of organisations responded that they will meet the deadline.

Any organisation that is storing or processing data on EU residents must be GDPR compliant, even if that organisation is not based in the EU.

“Despite the long run-up to GDPR, the vast majority of UK organisations still don’t have processes in place to manage their data in compliance with the new rules,” said head of GDPR technology at SAS UK & Ireland David Smith.

“At this point, senior leadership needs to take ownership of getting the whole company on board, from IT to operations, to make sure that all personal data is accurately located and appropriately handled.”

However, the 93% of businesses yet to achieve compliance responded that they have or expect to have a plan in place to become compliant. The majority also anticipate that GDPR compliance will result in benefits for their organisation.

“There’s a great opportunity contained within the challenge of GDPR,” said Smith.

“Organisations that gain greater control and understanding of their data will be better able to provide their customers with the services they want, in the manner that they want them.

“Those companies that can innovate through GDPR will gain a significant advantage over competitors who get stuck in the long grass of compliance.”

Smith’s sentiments were supported by the survey results, which found that 84% of all respondents believed that the GDPR will improve their data governance.

With less than a month until the deadline, anxiety has been growing among online retailers, which use large amounts of data to target consumers with adverts and personalise their online shopping experience with artificial intelligence (AI).

However, OmniCX retail intelligence and GDPR expert Tom Martin told Verdict AI that he does not believe the GDPR will have much of an impact on retailer’s ability to use AI.

“I think what will become clear as the GDPR comes into force is that really it is coveting the use of data for marketing; the GDPR is fundamentally an anti-marketing initiative,” he said.