GDPR provides opportunity to improve on data management
WITH the deadline for the implementation of the European Union’s General Data Protection Regulation (GDPR) coming up this week, a new study from IBM reveals that nearly 60 percent of organizations surveyed are embracing the GDPR as an opportunity to improve privacy, security, data management, or as a catalyst for new business models.
To reduce their exposure, the study indicated that a majority of the companies are being more selective in the data they collect and manage, with 70 percent disposing of data ahead of the deadline for compliance.
Companies’ preparation for GDPR comes in the wake of increased scrutiny from consumers on businesses’ management of personal data.
A separate poll of 10,000 consumers, conducted by the Harris Poll on behalf of IBM, found that only 20 percent of U.S. consumers completely trust organizations they interact with to maintain the privacy of their data.
IBM’s Institute for Business Value (IBV) surveyed over 1,500 business leaders responsible for GDPR compliance for organizations around the world in a bid to find out how companies are approaching GDPR as an opportunity to build further trust with customers and help drive innovation.
It found that 84 percent of respondents believed that proof of GDPR compliance will be seen as a positive differentiator to the public.
In fact, 76 percent said that GDPR will enable more trusted relationships with data subjects that will create new business opportunities.
Despite this opportunity, only 36 percent believe they will be fully compliant with GDPR by the May 25 deadline.
Another key finding of the study is that organizations are using GDPR as an opportunity to streamline their approach to data and reduce the overall amount of data they are managing.
For many organizations, this means vastly cutting down on the amount of data they collect, store and share.
Finally, among the top challenges organizations are currently facing when it comes to GDPR compliance, the most complicated areas are:
- finding personal data within their organizations (data discovery)
- ensuring the accuracy of the data they collect and store, and
- complying with rules for how data is analyzed and shared (data processing principals)
Other areas for concern included the handling of cross-border data transfers and getting consent from data subjects, as less than half of respondents said they were prepared for these aspects of GDPR.
While the regulations come into effect this week, its full impact will be seen in the coming months – with the governing body in the EU monitoring compliance efforts and penalizing those who fail to secure the rights of citizens.