98% of firms still not quite sure about GDPR specifics
The European Union’s upcoming GDPR regulations are causing many businesses to migrate their data to a new location as a result of the changing requirements for data protection, according to new findings from McAfee.
Out of 800 senior business decision-makers in eight countries (Australia, Singapore, Japan, Brazil, France, Germany, the UK and the US), 53% do not know where their data is located at all time.
Despite not knowing where their data lies, 48% are considering data migration as a result of regulations or changing government policies.
The EU’s GDPR comes into effect in May 2018 and will cast firmer laws for the personal data protection of more than 500 million people in the region.
70% of respondents believe that GDPR will crown Europe a world leader in data protection, although the United States remains the most popular data storage location.
McAfee chief scientist Raj Samani says that data protection is critical as it is one of the world’s most valuable assets.
“The good news is that businesses are finding that stricter data protection regulations benefit both consumers and their bottom line. However, many have short-term barriers to overcome to become compliant, for example, to reduce the time it takes to report a breach.”
On average, organisations take 11 days to report a breach, according to the report, and 63% believes there is a stigma attached to reporting breaches.
Some benefits for businesses include gaining new customers, according to 74% of respondents. 83% also take public sentiment towards data privacy into account when making data residency decisions.
However, political events and turmoil such as US policies and Brexit can also impact respondents’ technology acquisitions, with 51% saying they are being held back by external data protection regulations.
However, only 2% of respondents ‘really understand’ the laws that apply to their specific organisations, right down to all clause levels. 54% believe their organisation has a ‘complete understanding’ of those regulations.
Such wavering statistics shows that there are conflicting beliefs about data protection regulations, McAfee says.
Only 26% of respondents believe their organisation will be able to meet the GDPR’s 72-hour breach report deadline.
Most respondents wish to store data in countries with stringent data protection policies. While they may not like compliance laws, they do benefit customers and an organisation’s bottom line.
“Moving forward, increased awareness and understanding about a company’s data assets will lead to better usage and protection,” McAfee concludes.