Capgemini, a consultancy firm, found that, although GDPR has been in effect for more than a year, only one in three businesses is compliant. Here’s the nitty-gritty.
For the survey, more than 1,000 compliance, data privacy and protection personnel were questioned.
Despite the fact that hefty fines are on the horizon for the offenders, only 28% of respondents rate themselves as fully GDPR compliant.
This is a serious matter – the £183m fine British Airways was slapped with speaks volumes.
So, what are the obstacles that stand in the way of compliance?
Legacy IT systems seem to be the leading one, with 38% of respondents claiming their current systems are not up to par with the complexities of GDPR.
Moreover, 36% of respondents believe that getting everything in order takes too much effort (one third believe the costs of doing so are an obstacle as well).
Failing to comply, however, bears other consequences apart from the financial ones, with loss of reputation being just one example.
Of the respondents who identified themselves as compliant, 92% believe this will improve their trustworthiness in the eyes of their customers.
Moreover, they believe that becoming compliant helped improve their cybersecurity practices.
An ICO spokesperson mentioned that improving the reputation of one’s business should be the primary motivator for GDPR compliance, as opposed to fearing the penalties.
Moreover, re-examining where one’s business stands in terms of data protection is a must; being compliant in the current moment does not guarantee being compliant in the future.