Survey finds GDPR compliance rates remain low

Second survey checks in on how companies are meeting their data protection obligations and finds improvements, but more work to be done

Some 18 months after the General Data Protection Regulation (GDPR) came into effect compliance has improved, but remains low, according to a survey by cloud data integration and data integrity outfit, Talend.

Of the businesses surveyed worldwide, just over half (58 per cent) report not being able to meet their data access and portability requests within the GDPR-specified one-month time limit. The number has improved from the first survey in September 2018, which found 70 per cent of companies surveyed reported they had failed to provide an individual's data within one month.

In this updated survey, one year after it was first conducted, Talend asked a new population of companies, as well as companies that reported a failure to comply in the first benchmark, in order to map improvement. With new regulations on the way around the world, the firm argued companies need a process to overhaul data security provisions. These include data protection regulations coming into force in the US (California Consumer Privacy Act in January 2020), across APAC (PDPA in Thailand in May 2020), and in Latin America (LGPD in Brazil in August 2020).

According to the survey, public sector organisations and companies in media and telecommunications industries are struggling to meet the requests, with just 29 per cent of public sector organisations and only 32 per cent media and telecommunications industries surveyed able to provide the data within the one-month limit. Retail, financial services, travel, transport and hospitality firms are barely reach an average success rate, with 46 per cent of companies reporting they provided correct responses within the one-month limit.

Talend said organisations need to start a data governance transformation to deliver a 360-degree view of customers and empower the people in charge of data protection with more automated data processing and delivery

“To fully comply with GDPR, it is necessary to understand where the data is, how it is processed and by whom, as well as ensure that the data is trusted,” said Talend senior director of data governance products, Jean-Michel Franco.

The research involved 103 GDPR-relevant companies across the globe: EU-based companies, 84 per cent, NORAM-based companies, 8 per cent and APAC-based companies, 8 per cent which conduct business in Europe from a range of industries including retail, media, technology, utilities and telecommunications, public sector, finance, and travel, transportation and hospitality.

It assessed whether companies had updated privacy policies to account for GDPR; researching whether companies had dedicated ways for consumers to request GDPR data; requesting GDPR data and assessing how quickly and thoroughly companies comply; and requesting GDPR data in a way that may be directly accessed and reused by the individual (data portability).

Franco said organisations must do more to regain the trust of their data subjects.

“They risk very significant fines and significant reputational damage in the event of non-compliance and especially through class actions – both of which could prove to be severely detrimental to a business," he said.

Follow CMO on Twitter: @CMOAustralia, take part in the CMO conversation on LinkedIn: CMO ANZ, follow our regular updates via CMO Australia's Linkedin company page, or join us on Facebook: https://www.facebook.com/CMOAustralia.  

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Show Comments

Blog Posts

Channelling climate positive design

As we enter 2020, the new decade spells infinite possibility in digital and design. Yet ironically, the biggest trend we’re facing has nothing to do to with innovative technology. It is something much more ‘down to earth’: The state of our planet. Or more specifically: Climate change.

Katja Forbes

Founder and chief, sfyte

Non-linear transformation: The internal struggle

Let’s face it, transformation is messy. Every business is different, with a set of specific challenges based on a mixture of external (the market, competitors, regulation) and internal factors (technology, people and process investments over time).

Neil Kelly

Partner, transformation, Wunderman Thompson

7 ways to champion a human centred design culture

Human Centred Design (HCD) has come a long way in the last decade with many forward-thinking organisations now asking for HCD teams on their projects. It’s increasingly seen as essential to unlocking innovation, driving superior customer experiences and reducing delivery risk.

Shane Burford

Head of research and design, RXP Group

I think some of these ideas are great. These tips will help me to improve my system. Thanks!

Henry Reid

9 Ways to Improve Your Company's CRM System

Read more

It's a useful info for small businesses owners. We can't live without mobile apps. They are so helpful! It's hard to deny that.

Mae Davis

7 ways small businesses can benefit from mobile apps

Read more

Hi Jennifer,Fascinating read about design-led companies!If you would like to learn more, our Design Thinking and Innovation programme mig...

Andrea Foster

How to spot a ‘design-led’ versus ‘design-fed’ company

Read more

ABC web-site not easy to use/navigate. Even getting this far in sign-on to ABC My Space was problematic - it was asking for my password,...

Vee.

How the ABC used an online community to help build a movement

Read more

Thank you for your feedback, Astha! Always appreciated.

Vanessa Skye Mitchell

5 things marketers should know about data privacy in 2020

Read more

Latest Podcast

More podcasts

Sign in