A new survey paints a worrying picture of business readiness for Global Data Protection Regulation Compliance (GDPR)
The survey carried out by the Ponemon Institute has revealed that 40% of companies only expect to achieve compliance with the regulation after its May 25th deadline.
The study surveyed companies across the US and Europe on their understanding of the impact of GDPR and their readiness for it.
Others Key findings included 60% of respondents saying GDPR would "significantly change" their organisations' workflows regarding the collection, use and protection of personal information, with 71% acknowledging that lack of compliance could have a detrimental impact on their companies' ability to conduct business globally.
The difficulty in preparing for data breach notification, a cornerstone of the regulation, is the most difficult obligation according to 83% of respondents, with 68% saying that inability to
comply with the notification requirement poses the greatest risk to their companies.
"The risks of failing to comply with GDPR have been most often reflected by organisations' fear of the potential size of the financial penalties that non-compliance could bring about," said Larry Ponemon, founder of the Ponemon Institute. "The headline figures - fines of up to €20 million or 4% of global turnover, whichever is the greater amount - represent a potentially massive fine for companies."