The GDPR came into effect on May 25, 2018 and applies to all organizations that monitor the behavior of, or offer goods and services to, EU residents – irrespective of the organization’s location or where the data is processed.
Download this report to learn where organizations stand with compliance.
- When asked how far along they were in achieving GDPR compliance, only 29% said they had implemented all necessary changes
- 59% of respondents were aware of the changes to DSARs (data subject access requests) but only 29% had plans to adapt their processes to address this. Responding to DSARs correctly is extremely important; if they are managed incorrectly, data subjects can lodge complaints and fines can be issued
- 75% of respondents had conducted a data flow audit in some capacity. As part of a GDPR compliance project, organizations need to map their data and information flows in order to assess their privacy risks. This will form part of their Article 30 documentation
- 61% of respondents had implemented basic security controls to address data security and breach management. Although just 29% of respondents considered themselves compliant with the GDPR, more than 50% had procedures in place to notify their supervisory authority and individuals should a breach occur.