Apr 20, 2018 SOURCE: PR NewsWire

Survey Reveals that Many Companies are Behind Schedule to Achieve Global Data Protection Regulation Compliance

Survey Reveals that Many Companies are Behind Schedule to Achieve Global Data Protection Regulation Compliance

McDermott-Ponemon GDPR Survey Shows that Almost Half of Companies Don't Expect to Have Adequate GDPR Processes in Place by May Deadline

CHICAGO, April 20, 2018 /PRNewswire/ -- A major survey sponsored by international law firm McDermott Will & Emery and carried out by the Ponemon Institute has revealed that many companies are behind schedule to achieve Global Data Protection Regulation (GDPR) compliance by the looming May deadline. The survey results show that 40% of companies only expect to achieve compliance with the regulation after May 25(th) when the Regulation comes into effect.

The McDermott-Ponemon study surveyed companies across the US and Europe on their understanding of the impact of GDPR and their readiness for it. Key findings of this important benchmark survey are:

    --  52% of the companies responded that they expect to be compliant on or
        before the May 25(th) deadline, and an additional 40% expect to become
        compliant after the deadline (NOTE: 8% of companies were not sure when
        they will achieve compliance)
    --  60% of respondents say GDPR will "significantly change" their
        organizations' workflows regarding the collection, use and protection of
        personal information, with 71% acknowledging that lack of compliance
        could have a detrimental impact on their companies' ability to conduct
        business globally
    --  The difficulty in preparing for data breach notification, a cornerstone
        of the regulation, is the most difficult obligation according to 83% of
        respondents - with 68% saying that inability to comply with the
        notification requirement poses the greatest risk to their companies

"There is a lot more work to be done for GDPR readiness, this study shows. These findings reflect the demanding nature of GDPR and the anxiety around complying with it," said Mark Schreiber, McDermott partner and a leader of the Firm's Global Privacy and Cybersecurity Practice. "A key issue here is prioritizing what can be done in the remaining time before that May deadline and acting on those high risk areas."

"Compliance is more than just updating your privacy policy, and so it is heartening to see so much wholesale change to workflows and an appreciation that business-as-usual processing will change after May 25," said Ashley Winton, McDermott London partner and Chairman of the Data Protection Forum. "However, it is particularly interesting to see which sectors are making the most effort to get into compliance, as it is not just consumer or retail facing companies. With markedly disparate levels of compliance expected by May 25, it will be interesting to see what the regulators response will be."

The survey shows that companies are investing heavily in attempting to achieve GDPR compliance. The average annual budget for compliance is $13 million according to the findings - a figure that one in three companies expects to review annually. More than one in five (22%) believe that a budget allocation will continue indefinitely in their organization due to a need to continue with investment in technologies, governance practices and staffing. Respondents believe that the majority of the budget will be spent on Managed Services (28% of spend), followed by Personnel (19% of spend) and technology (17% of spend).

"The risks of failing to comply with GDPR have been most often reflected by organizations' fear of the potential size of the financial penalties that non-compliance could bring about," said Larry Ponemon, founder of the Ponemon Institute. "The headline figures - fines of up to EUR20m or 4% of global turnover, whichever is the greater amount - represent a potentially massive fine for companies."

The full survey results can be accessed and downloaded here: The Race To GDPR: A Study of Companies in the United States and Europe.

For additional details on the EU's Global Data Protection Regulation and model GDPR policies and templates, please visit www.mwe.com/GDPR.

About McDermott Will & Emery
McDermott Will & Emery is a premier international law firm with a diversified business practice. Numbering more than 1,000 lawyers, we have offices in Boston, Brussels, Chicago, Dallas, Düsseldorf, Frankfurt, Houston, London, Los Angeles, Miami, Milan, Munich, New York, Orange County, Paris, Seoul, Silicon Valley and Washington, DC. Further extending our reach into Asia, we have a strategic alliance with MWE China Law Offices in Shanghai.

About The Ponemon Institute
The Ponemon Institute was founded in 2002 by Dr. Larry Ponemon. Headquartered in Michigan, The Ponemon Institute is considered the pre-eminent research center dedicated to privacy, data protection and information security policy. Our annual consumer studies on privacy trust are widely quoted in the media and our research quantifying the cost of a data breach has become valuable to organizations seeking to understand the business impact of lost or stolen data.

CONTACT: Jenna Gatski Einstein, jgatskieinstein@mwe.com, +1 202 756 8802

View original content with multimedia:http://www.prnewswire.com/news-releases/survey-reveals-that-many-companies-are-behind-schedule-to-achieve-global-data-protection-regulation-compliance-300633722.html

SOURCE McDermott Will & Emery

Related News

COVID-19 Reinforces Need for Federal Consumer Data Privacy Laws

Bloomberg Law Looks At 2021's Top Privacy & Data Security Issues

Mobvista Receives SOC2 Type1 Report, Achieves International Level for Data Security and Privacy Protection Standards

Dathena Raises $12M Series A Round to Drive Global Adoption of AI-Powered Data Privacy and Security Solution

Notice of Data Privacy Event

Kingland Enhances Data Privacy and Security

Major Conferencing Provider iotum says Client Privacy Must Be Protected

NOTICE OF DATA BREACH

View all News

Related Procurements

Deadline: Sep 10, 2025

Mh-65 Spare Parts

{'NoticeId': '48dbe68a3f4a4b25bc0d77436e360c1e', 'Title': 'MH-65 Spare Parts', 'Sol#': '70Z03825QB0000062', 'Department/Ind.Agency': 'HOMELAND SECURITY, DEPARTMENT OF', 'CGAC': '070', 'Sub-Tier': 'US COAST GUARD', 'FPDS Code': '7008', 'Office': 'AVIATION LOGISTICS CENTER (ALC)(00038)', 'AAC Code': '70Z038',...

Deadline: Dec 30, 2025

2840 - GAS TURBINES AND JET ENGINES, AIRCRAFT, PRIME MOVING; AND COMPONENTS

{'NoticeId': '5e4b5a6140744c12825843c679e304e7', 'Title': 'FD2030-25-00602', 'Sol#': 'FD2030-25-00602', 'Department/Ind.Agency': 'DEPT OF DEFENSE', 'CGAC': '097', 'Sub-Tier': 'DEFENSE LOGISTICS AGENCY', 'FPDS Code': '97AS', 'Office': 'DLA AVIATION OKLAHOMA CITY', 'AAC Code': '', 'PostedDate': '2024-12-30 13:01:02.902-05',...

Deadline: Dec 19, 2025

2840 - GAS TURBINES AND JET ENGINES, AIRCRAFT, PRIME MOVING; AND COMPONENTS

OrderedDict([('NoticeId', '9892e0a686e041db964bdc8e8252389c'), ('Title', 'FD2030-25-00650'), ('Sol#', 'FD2030-25-00650'), ('Department/Ind.Agency', 'DEPT OF DEFENSE'), ('CGAC', '097'), ('Sub-Tier', 'DEFENSE LOGISTICS AGENCY'), ('FPDS Code', '97AS'), ('Office', 'DLA AVIATION OKLAHOMA CITY'), ('AAC Code', ''), ('PostedDate', '2024-12-19 08:22:03.682-05'),...

View all Procurementsp