CARY, N.C., Sept. 26, 2017 /PRNewswire/ -- The General Data Protection Regulation (GDPR) will go into effect in 2018, making organizations accountable for personal data protection including how and where data is stored and how it is processed within the organization. However, according to a new survey from business analytics leader, SAS, less than half (45 percent) of organizations surveyed have a structured plan in place for compliance and more than half (58 percent) indicate that their organizations are not fully aware of the consequences of noncompliance.
"There are a lot of organizations that simply don't know where to start on their journey to becoming GDPR compliant," said Arturo Salazar, Principal Business Solutions Manager, SAS. "We recommend starting with a solid data governance strategy to ensure that the technologies and policies are in place to fully understand where your data is stored and who has access to it."
Highlights from the survey include:
- Most respondents feel that GDPR will have a large impact on their organization. However, many respondents (42 percent) indicate that their organizations are not fully aware of this impact.
- Only 45 percent of organizations have a structured process in place to comply with GDPR, but of those only 66 percent think that this process will lead to successful compliance. In fact, many admit that they do not know how to determine if they are GDPR compliant.
- Unsurprisingly, large organizations (5,000 employees+) are better equipped to handle GDPR with 54 percent being fully aware of the impact, compared to just 37 percent of small organizations.
- Only 24 percent of organizations make use of external consulting to become GDPR compliant, but those with a structured process in place use external consulting more often (34 percent).
- Just 26 percent of government organizations are aware of the impact of GDPR, the lowest of any industry segment.
Data portability and the right to be forgotten
Under the GDPR, individuals have the right to request that their personal data be erased or ported to another organization. This brings up questions about the tools and processes organizations need to have in place. For 48 percent of the respondents, it's a challenge just to find personal data within their own databases (copied data sets, CRM data, etc.). In these cases, complying with GDPR regulations will be an even more serious task.
Of the surveyed organizations, 58 percent have problems managing data portability and the so-called right to be forgotten. Controlling access to personal data is also a serious challenge. Large organizations and financial institutions have more difficulty finding stored personal data than other organizations.
Benefits of GDPR
When asked about potential benefits of the GDPR, 71 percent believe that their data governance will improve as a result. The survey also showed that 37 percent of organizations think that their general IT capabilities will improve as they seek to comply and 30 percent agree that complying with the GDPR will improve their image. Further, organizations believe that customers will reap the rewards of compliance efforts. The survey shows that 29 percent of organizations think customer satisfaction will be higher as they work toward GDPR compliance. Another 29 percent say their organizations' external value propositions will improve.
For additional survey findings and implications of the GDPR, download the eBook here: https://www.sas.com/gms/redirect.jsp?detail=GMS62278_91120
In spring 2017, SAS conducted a global GDPR survey among 340 business executives from multiple industries and geographies. Based on the results of that survey, this report highlights the biggest challenges and opportunities organizations face on the road to GDPR compliance.
SAS is the leader in analytics. Through innovative analytics, business intelligence and data management software and services, SAS helps customers at more than 83,000 sites make better decisions faster. Since 1976, SAS has been giving customers around the world THE POWER TO KNOW®. SAS and all other SAS Institute Inc. product or service names are registered trademarks or trademarks of SAS Institute Inc. in the USA and other countries. ® indicates USA registration. Other brand and product names are trademarks of their respective companies. Copyright © 2017 SAS Institute Inc. All rights reserved.
View original content with multimedia:http://www.prnewswire.com/news-releases/sas-survey-organizations-face-gdpr-challenges-300524735.html