How are organizations facing the challenge of complying with the GDPR?
Deloitte conducted a General Data Protection Regulation (GDPR) benchmarking survey across a sample of organisations and industry sectors in EMEA to examine how organisations are facing the challenge of complying with the most radical overhaul of data protection laws in a generation.
The aim of this survey was to understand how organisations are preparing for GDPR compliance, how advanced their implementation plans are, and how confident they are of achieving their goals by 25 May 2018.
The results indicate that organisations are taking a wide range of readiness approaches, driven by the combination of the potential for significant fines, the increased obligation to demonstrate proactive compliance as well as the complexity and ambiguity of some of the requirements. The survey responses show that approaches to compliance and remedial spending vary widely.
39% of organisations report spending less than €100,000.
15% of organisations report spending more than €5 million. There is no correlation between organisation size (by headcount or revenue) and spend, nor any clear trends in different industry segments. Our results included examples of organisations with fewer than 10,000 employees spending over €2.5 million, as well as examples of organisations with more than 50,000 employees spending less than €250,000.
Only 15% of organisations surveyed expect to be fully compliant by May 2018, with the majority instead targeting a risk-based, defensible position.
In addition, the report examines other matters related to compliance with the GDPR and makes pragmatic recommendations on how to comply in the areas respondents feel present the greatest challenges. Most importantly, this report considers how privacy can become more than a compliance exercise: how it can become a real business asset and enabler, and maybe even a competitive advantage.
The full Survey Results can be found HERE