Majority of Businesses View GDPR as Opportunity to Improve Data Privacy and Security

A study from IBM reveals that nearly 60 percent of organizations surveyed are embracing the GDPR as an opportunity to improve privacy, security, data management or as catalyst for new business models, rather than simply a compliance issue or impediment.

The study indicated that the majority of companies are being more selective in the data they collect and manage, with 70 percent disposing of data ahead of the deadline for compliance.

According to the study:

84 percent believe that proof of GDPR compliance will be seen as a positive differentiator to the public
76 percent said that GDPR will enable more trusted relationships with data subjects that will create new business opportunities
Despite this opportunity, only 36 percent believe they will be fully compliant with GDPR by the May 25 deadline

Cutbacks: GDPR Leading to Reduction of Data Collection and Storage
Another key finding of the study is that organizations are using GDPR as an opportunity to streamline their approach to data and reduce the overall amount of data they are managing. For many organizations, this means vastly cutting down on the amount of data they collect, store and share. According to the new study, organizations reported taking the following actions in response to GDPR:

80 percent say they are cutting down on the amount of personal data they keep
78 percent are reducing the number of people who have access to personal data
70 percent are disposing of data that is no longer needed

GDPR Challenges, Blind Spots, and Transformational Business Opportunities
The study found that the top challenges organizations are currently facing when it comes to GDPR compliance are finding personal data within their organizations (data discovery), ensuring the accuracy of the data they collect and store, as well as complying with rules for how data is analyzed and shared (data processing principals).

Other areas for concern included the handling of cross-border data transfers and getting consent from data subjects, as less than half of respondents said they were prepared for these aspects of GDPR.

One key element of GDPR includes the requirement for companies to report data breaches to regulators within 72 hours. However, the IBV study found that only 31 percent of companies have reexamined or modified their incident response plans to prepare for this requirement, representing a blindspot in companies' overall approach to GDPR.

While challenges remain, a significant sub-set of companies surveyed (22 percent) are using GDPR as a fully transformational business opportunity for how they approach data responsibility and management. Of this "leaders" subset:

93 percent have modified their incident response processes
79 percent said they were prepared for performing data discovery and ensuring data accuracy
74 percent said they were fully implementing security and privacy by design for new products and services

http://ibm.biz/powerofGDPR.

ON DEMAND: Business-impacting events such as severe weather, man-made disasters, and supply chain disruption are increasing in frequency and making impacts around the globe.

In today's rapidly evolving security landscape, organizations face an ever-growing array of disruptive events, security threats and risks. Traditional reactive approaches to security intelligence often leave businesses vulnerable and ill-prepared to anticipate and mitigate emerging threats that could impact the safety of their people, facilities or operations.

Majority of Businesses View GDPR as Opportunity to Improve Data Privacy and Security

Get our new eMagazine delivered to your inbox every month.

Stay in the know on the latest enterprise risk and security industry trends.

Majority of Businesses View GDPR as Opportunity to Improve Data Privacy and Security

Share This Story

Get our new eMagazine delivered to your inbox every month.

Stay in the know on the latest enterprise risk and security industry trends.