Last week we announced the results of a European online survey* that tested the attitudes of IT professionals towards regulation and compliance issues for 2015. The results indicate a shocking lack of awareness and preparedness for the planned General Data Protection Regulation (GDPR).
The regulation is due to come into effect late this year or early next year. It is meant to unify and simplify data protection across 28 countries within the European Union (EU). What’s at risk? Severe penalties of up to 100M EUR or up to five percent of worldwide turnover for organizations in breach of its rules.
Compliance Challenges Ahead for Those Who Don’t Know GDPR or its Timing
- 56% could not accurately identify what ‘GDPR’ means.
- 52% admitted they were not ready for GDPR
- 35% confessed to not knowing whether their IT policies and process were up to the job.
- 12% percent of respondents felt ready for the change
- 64% also conceded they had no idea when this regulation is due to come into effect.
- 14% could correctly identify that the GDPR is due to come into effect in late 2014/early 2015
Priorities for 2015
- 13% said they planned to spend more time understanding and preparing for regulation
- 26% said they wanted to spend more time reviewing and tightening security policies
- 26% said they wanted to be able to spend less time on manual reporting and auditing.
How did the UK, France and Germany stack up?
- Overall, German IT professionals proved to have most awareness of GDPR, with almost half (49%) correctly identifying that GDPR stood for the General Data Protection Regulation.
- Only a quarter (26%) of the British surveyed knew, and just over a third (36%) of the French.
- Likewise, respondents from Germany also felt most confident in their preparedness with almost one fifth (17%) confident enough to say they felt ready for the draft Bill to be passed.
GDPR includes an obligation to protect personal data across the borderless enterprise. IT Professionals should review and bolster their data processing policies and practices now, before the regulation comes into effect. The Ipswitch MOVEit™ managed file transfer system helps IT teams support GDPR requirements in the following ways:
Protecting Personally Identifiable Information (PII)
- Support for secure open standard transfer protocols
- End-to-end encryption, guaranteed delivery and non-repudiation
- Automated file management policies
- Automated file exchange
- Managed ad hoc exchange
- Policy based file access and data loss protection (DLP)
Managing System Exposure
- High availability and disaster recovery
- Monitoring and reporting for auditing and forensics
- Trading partner provisioning and management
*Ipswitch online survey of 316 IT Professionals was conducted in October 2014 and included 104 responses from the UK, 101 responses from France, and 111 responses from Germany.