A survey conducted at the Infosecurity Europe trade show has revealed that 28 percent of organisations do not feel completely compliant with the European Union’s General Data Protection Regulation (GDPR).
The deadline to be compliant with GDPR was May 25. However, when asked whether they thought they would pass their first GDPR audit, less than half of the respondents said they were very confident they would pass the audit, over one-third were somewhat confident, and less than one-fifth said they were not confident.
“The deadline has now come and gone, yet the study shows that many organizations aren’t sure they have achieved GDPR compliance,” said Terry Ray, CTO of Imperva. “Any company that put GDPR off until the last minute now realizes compliance cannot be achieved overnight. It does not surprise me that many organizations feel unsure about the idea of a GDPR audit. The truth is many would fail.”
To assess personal data rights, the survey asked if respondents knew where all users personal data resided on their systems. More than a third of respondents said yes, they did know the location of the data while more than half said they would need an extra three months to get their house in order. Conversely, almost 90 percent said they could easily respond to requests from individuals asking to disclose the information they hold on them with 57 percent saying their organisation had already received such a request.