Survey finds GDPR compliance rates remain low

Second survey checks in on how companies are meeting their data protection obligations and finds improvements, but more work to be done

Some 18 months after the General Data Protection Regulation (GDPR) came into effect compliance has improved, but remains low, according to a survey by cloud data integration and data integrity outfit, Talend.

Of the businesses surveyed worldwide, just over half (58 per cent) report not being able to meet their data access and portability requests within the GDPR-specified one-month time limit. The number has improved from the first survey in September 2018, which found 70 per cent of companies surveyed reported they had failed to provide an individual's data within one month.

In this updated survey, one year after it was first conducted, Talend asked a new population of companies, as well as companies that reported a failure to comply in the first benchmark, in order to map improvement. With new regulations on the way around the world, the firm argued companies need a process to overhaul data security provisions. These include data protection regulations coming into force in the US (California Consumer Privacy Act in January 2020), across APAC (PDPA in Thailand in May 2020), and in Latin America (LGPD in Brazil in August 2020).

According to the survey, public sector organisations and companies in media and telecommunications industries are struggling to meet the requests, with just 29 per cent of public sector organisations and only 32 per cent media and telecommunications industries surveyed able to provide the data within the one-month limit. Retail, financial services, travel, transport and hospitality firms are barely reach an average success rate, with 46 per cent of companies reporting they provided correct responses within the one-month limit.

Talend said organisations need to start a data governance transformation to deliver a 360-degree view of customers and empower the people in charge of data protection with more automated data processing and delivery

“To fully comply with GDPR, it is necessary to understand where the data is, how it is processed and by whom, as well as ensure that the data is trusted,” said Talend senior director of data governance products, Jean-Michel Franco.

The research involved 103 GDPR-relevant companies across the globe: EU-based companies, 84 per cent, NORAM-based companies, 8 per cent and APAC-based companies, 8 per cent which conduct business in Europe from a range of industries including retail, media, technology, utilities and telecommunications, public sector, finance, and travel, transportation and hospitality.

It assessed whether companies had updated privacy policies to account for GDPR; researching whether companies had dedicated ways for consumers to request GDPR data; requesting GDPR data and assessing how quickly and thoroughly companies comply; and requesting GDPR data in a way that may be directly accessed and reused by the individual (data portability).

Franco said organisations must do more to regain the trust of their data subjects.

“They risk very significant fines and significant reputational damage in the event of non-compliance and especially through class actions – both of which could prove to be severely detrimental to a business," he said.

Follow CMO on Twitter: @CMOAustralia, take part in the CMO conversation on LinkedIn: CMO ANZ, follow our regular updates via CMO Australia's Linkedin company page, or join us on Facebook: https://www.facebook.com/CMOAustralia.  

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Show Comments

Blog Posts

Taking performance cues from east Asian markets

As the ‘Asian century’ becomes ever more prevalent and the Fourth Industrial Revolution gathers speed, marketers are having to surf a tidal wave of creative destruction. The choice is stark: Embrace change, or resign yourself to a Darwinian fate.

Dr Chris Baumann

Associate professor, Macquarie University

Searching for social and marketing data

Many marketers, agencies - and everyone in between - get caught up on bubble references and data points. They’ll use Facebook best practice as the only best practice for Facebook executions and only consider metrics and responses of the one channel they’re expected to deliver on.

Isaac Lai

Connections strategy lead, VMLY&R Sydney

Why Australia needs more leaders

A few weeks ago, our Prime Minister, Scott Morrison took it upon himself to tell companies and their CEOs where to go when it came to societal issues. It wasn’t an organisation’s place to get involved. Instead, he said it should be left to governments to solve societies challenges.

Dan Banyard

Managing director, Edentify

Congratulations! So good to see a business turnaround with a good omni channel email lead strategy.Antanthonyidle.com

Anthony Idle

How Total Tools overhauled its omnichannel marketing

Read more

Well, you can always improve your service. Your customers will appreciate your efforts.

Mike Thompson

Report: Australian customer experience good but not great

Read more

Thanks for sharing! Terracotta Jewellery Online Shopping Ethnic Jewellery Online Shopping

Cotton Sarees Online

How data is driving the customers of a lifetime for BaubleBar

Read more

Informative blog. Xero is a well-known revolutionized accounting software, specifically developed to provide best User Experience and mak...

NavkarConsultancyServices

Xero evolves to fit a changing marketplace

Read more

>Writes article about how to show diversity in an authentic way>All featured opinions are from white women

Jennifer Metcalfe

Food for Thought: How can brands show diversity in an authentic way?

Read more

Latest Podcast

More podcasts

Sign in