Connect with us


MetricStream research finds that 55% of enterprises likely missed the GDPR deadline



MetricStream research finds that 55% of enterprises likely missed the GDPR deadline

38% of respondents expected to be only partially compliant, while 17% reported having no plan for compliance

At the annual GRC Summit today, MetricStream chief evangelist, Dr. French Caldwell, announced the findings of the latest MetricStream research survey report, GDPR: Are Enterprises Ready to Protect Personal Data? 

The global survey gathered the perspectives of 120 respondents from 100+ enterprises and 20 different industries. Four primary areas of GDPR compliance were covered, including the state of GDPR awareness, preparedness, and readiness, as well as compliance challenges, benefits, and spend.

Key findings

Most enterprises did not expect to be fully compliant by the May 25 deadline

Only 39% of the respondents reported having a well-defined plan to be GDPR compliant by the May 25 deadline, while 5% reported that they were already compliant. The majority (55%) did not expect to make the compliance deadline. Of them, 17% had no clear compliance plan, while 38% expected to achieve only partial compliance.

Technology makes a big difference to GDPR readiness

More than half of the respondents (53%) who have implemented GRC solutions reported that they would be GDPR compliant by the May 25 deadline. On the other hand, only 40% of the respondents who use spreadsheet-based processes reported that they would meet the deadline.

70% of the respondents using GRC solutions for GDPR compliance also indicated being either confident or highly confident that their data protection programme would stand up to legal scrutiny by regulators and courts. In comparison, less than a quarter of the respondents (23%) using spreadsheet-based processes, point solutions, or business process management solutions, reported similar levels of confidence in their data protection programmes.

Readiness for an onslaught of data subject complaints and rights requests is low

GDPR gives data subjects multiple rights. Yet, fewer than 40% of the respondents reported that their enterprises are prepared or fully prepared to manage data subject complaints or requests around more complex rights, including the right to erasure, the right to restrict processing, and the right to data portability.

Other findings

  • Just 50% of the respondents reported being ready to complete assessments of all third parties that have access to personal data by the May 25 deadline
  • 86% of the respondents expect their GDPR budgets to stay the same or increase
  • 66% of the respondents reported improved data governance as the biggest long-term benefit of GDPR compliance

“GDPR is finally here, and with it a fundamental change in how companies execute on good data governance,” said French Caldwell, chief evangelist, MetricStream. “While the first year of compliance is likely to be a period of adjustment, enterprises cannot afford to be complacent. Our research shows that those with a well-implemented GRC programme will have an edge when it comes to meeting these new requirements. Technology will also be important in building a future-ready, sustainable GDPR programme that will drive business success in 2018 and beyond.”

To access the MetricStream Research report, click here.

Editorial & Advertiser disclosureOur website provides you with information, news, press releases, Opinion and advertorials on various financial products and services. This is not to be considered as financial advice and should be considered only for information purposes. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third party websites, affiliate sales networks, and may link to our advertising partners websites. Though we are tied up with various advertising and affiliate networks, this does not affect our analysis or opinion. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you, or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish sponsored articles or links, you may consider all articles or links hosted on our site as a partner endorsed link.

Call For Entries

Global Banking and Finance Review Awards Nominations 2021
2021 Awards now open. Click Here to Nominate

Newsletters with Secrets & Analysis. Subscribe Now

Newsletters with Secrets & Analysis. Subscribe Now

Newsletters with Secrets & Analysis. Subscribe Now