IT and Business Insights for SMB Solution Providers

Over one third of U.S. businesses do not feel fully prepared for GDPR deadline, Thales research finds

Thales, a leader in critical information systems, cybersecurity, and data security, announces the results of its research on the EU General Data Protection Regulation (GDPR). The report, based on research by Censuswide and sponsored by Thales, captures the preparedness levels of organizations in Europe and the United States for the May 2018 GDPR compliance deadline, as well as their perceptions on the new regulation's business impact.

Intended to improve personal data protection and increase accountability for data breaches, the GDPR is perhaps the most comprehensive data privacy standard to date. However, the regulation presents a significant challenge for organizations that process the personal data of EU citizens, regardless of where the organization is headquartered. This means that any U.S. organization that handles data belonging EU citizens will be required to be GDPR compliant when the regulation comes into force in May 2018. 

Gartner's forecast predicts that by the end of 2018, over 50 percent of all companies affected by the GDPR will not be in full compliance with its requirements. According to the Thales report's findings, around 35 percent of U.S. organizations already don't believe they will be fully prepared for the GDPR in time for the deadline. In addition, U.S. organizations are apprehensive about the GDPR's impact on their business.  

Key concerns of U.S. businesses:

  • Just over 56 percent believe that implementing measures to become GDPR compliant will increase the levels of complexity and red tape within their business.
  • Approximately 45 percent are concerned that the GDPR will hinder their organization's innovation to some degree.
  • Almost 18 percent expect the GDPR to have a negative impact on relationships with their international partners.
  • Interestingly, while roughly 20 percent believe the GDPR will lead to fewer data breaches, 49 percent are concerned that its implementation will actually result in an increased number of breaches.

Although U.S. businesses have several concerns surrounding the GDPR, over half (approximately 53%) remain optimistic that the GDPR will have no effect on their business operations whatsoever. Along the same lines, over a third of businesses (35%) suggest that a GDPR-type regulation is definitely required for handling the personal information of U.S. citizens.

Jim DeLorenzo, solutions manager, GDPR, Thales eSecurity says:
"Organizations that are not prepared for the GDPR would be remiss to think that this regulation won't impact their business operations. In fact, if organizations fail to comply, they could face multiple legal challenges as well as staggering fines, consequences that will undoubtedly garner negative attention. With so many U.S. businesses having a global reach, it's imperative that American business leaders understand the ramifications of not complying with the GDPR."

The research also examined consumer privacy and control concerns in the UK and Germany. The results reveal that almost half (47 percent) of consumers believe commercial organizations don't care about their privacy, and that two in five (42 percent) don't trust anyone to keep their personal information private.

ChannelPro SMB Magazine

Get an edge on the competition

With each issue packed full of powerful news, reviews, analysis, and advice targeting IT channel professionals, ChannelPro-SMB will help you cultivate your SMB customers and run your business more profitably.