According to a survey carried out by RSM International in collaboration with the European Business Awards among more than 500 medium-sized companies from 34 European countries, almost one third (30%) of European companies admit that they are still not compliant with the requirements of the General Data Protection Regulation (GDPR).
The results of this survey clearly show that despite the lapse of over 12 months since GDPR entered into force, and many fines imposed on entrepreneurs by regulators, only 57% of businesses are confident that their business follows the rules and principles of the Regulation, whereas 13% of companies are not sure about this at all. Surveyed companies admit that they still find it difficult to understand and implement an entire range of changes the GDPR involves: more than a third (38%) of non-compliant businesses do not understand when consent is required to hold and process data, 35% are not sure about how they should monitor their employees’ use of personal data, and 34% do not know the procedures required to ensure the compliance of contracts with third party suppliers.
At the same time, the results of the survey show that the EU Regulation is having a positive effect on cyber security in the EU. Almost three quarters (73%) of European businesses say the new guidelines have encouraged them to improve the way they manage customer data, and 62% are of the opinion that they have increased their investment in cyber security.
Steven SNAITH, Head of Technology Risk Assurance and Partner at RSM UK, commented:” With the introduction of the GDPR, so much pressure was placed on organisations. With the necessity to understand all regulations and process loads of information coming from the media and stakeholders, the fatigue was setting in, making businesses sceptical about new solutions and discouraged from making any changes. Many organisations simply gave up and reverted back to the old way of doing things. High-profile fines cross Europe have demonstrated that regulators across the EU are serious about enforcement. Businesses are scrambling to catch up once again.”
Jean STEPHENS, CEO at RSM International, said: “Rethinking the way they interact with data and treating GDPR guidelines as another growth opportunity, these more entrepreneurial businesses can become more appealing partners and more innovative competitors on the global stage.”
For more information about the results of the survey in detail please go to: https://www.rsm.global/insights/rsm-global-blog/30-european-businesses-are-still-not-compliant-gdpr.