Despite the fact that the EU General Data Protection Regulation (GDPR) is due to come into effect on May 25, 2018, there is still uncertainty about how businesses handle and protect sensitive data.
GDPR criteria maintains that any company, which holds or processes any kind of personal information relating to European citizens through goods or services, must abide by the new data privacy and storage laws. This includes both physical or digital files.
However, the latest report on UK companies shows 47% of their workers don’t know if their company is taking action to comply with the new legislation. Another study shows that less than a third of global organizations state they are compliant or close to being compliant.
A study by Veritas yielded the same result with even more dire numbers. Those businesses that already conform to the legislation’s requirement admitted to unlikely being in compliance with specific provisions, with only a measly 2% appearing to be in actual compliance.
The subsequent findings point to a gross misunderstanding over regulation readiness. Under the GDPR rules, EU residents will have to give consent for their personal data to be used, as well as be provided full access to their data. In addition, they have the right to request the removal of their data, such as usernames and emails businesses use for their newsletter databases.