According to the survey by international law firm Paul Hastings, fewer than half (39% in the UK and 47% in the US) have launched an internal GDPR taskforce, only a third are hiring a third-party to conduct a GDPR gap analysis, and only a third are hiring a third-party consultant to assist with compliance.
The study's authors insist this shows many companies are not as well-prepared as they think.
Despite being one of the crucial requirements for GDPR compliance for any business involved in the “large scale monitoring of individuals”, only 29% of top UK firms and 18% of top US firms are hiring a data privacy officer or additional privacy staff, and only 10% of UK companies polled have allocated dedicated budget.
Paul Hastings partner and global co-chair of the privacy and cyber security practice Behnam Dayanim said: “Achieving GDPR compliance is an enormous task, which in our experience almost inevitably requires dedicated resources and budget.
“Against that backdrop, the confidence among major corporations revealed in our survey seems mismatched with those same businesses’ reports of their implementation efforts,” he added.
Dayanim maintained that with so few companies undertaking key compliance measures to date, it will be “a race to the finish line” for those needing to meet the terms of the Regulation. “This unfortunately seems to be setting up a scenario for multiple investigations and enforcement activities once the implementation date arrives,” he warned.
Thank you for your input
Thank you for your feedback
DataIQ is a trading name of IQ Data Group Limited
10 York Road, London, SE1 7ND
Phone: +44 020 3821 5665
Registered in England: 9900834
Copyright © IQ Data Group Limited 2024