The General Data Protection Regulation (GDPR) will catch many businesses unaware and unprepared for the data collection challenges that the regulation entails.
The research – Finding The Missing Link in GDPR Compliance – is based on the views of more than 1000 senior executives from companies in the UK, France, Germany, Spain and Italy.
Hours spent searching through mountains of data
It finds that, on average, a company will get 89 GDPR enquiries per month, for which they will need to search an average of 23 different databases, each taking about 5 minutes. The total time spent simply looking for data per month will be more than 10,300 minutes (172 hours) equating to over 8 hours of searching per working day - or 1 employee dedicated solely to GDPR enquiries.
The great data collection challenge
The issue is even more pronounced for large companies. These expect to get an average 246 GDPR enquiries per month, for which they will need to search an average of 43 different databases, each taking more than 7 minutes. They will spend more than 75,500 minutes per month (1259 hours) which equates to nearly 60 hours of searching per working day - or 7.5 employees dedicated solely to GDPR enquiries every day.
The estimated time spent on searches implies that a company knows where to look for data. The research, however, found that one in ten businesses do not know where their relevant data is stored and many are unsure whether they can account for all their databases.
High stakes, high fines
The research shows that there is general concern regarding GDPR compliance, but the risks are ignored by many. 44% of companies say they are “concerned” about their ability to be compliant. The issue is more alarming when it comes to large companies, where over half (60%) are worried about their ability to be compliant.
When it comes to fines, only a third of companies (35%) are aware that the potential financial fines for non-compliance, which in the worst cases can be EUR 20 million or 4% of global annual turnover, are very severe. An alarming 30% say that financial penalties will have no impact at all; 15% say that they “don’t know” about the impact of financial fines.
Small businesses seem to be the least concerned with the new data regulations. Only 38% of SMEs and 29% of micro businesses recognize the true impact that the fines will have on their operations, compared to 47% of large companies.
60% of EU businesses “at risk” or “challenged” by GDPR
Based on responses, Senzing calculates that a quarter (24%) of EU companies are “at risk” in terms of being GDPR compliant. A further 36% are deemed “challenged” by the regulation, with only 40% being classed as “ready”. Taken as a proportion of all businesses operating in the EU, this could translate into tens of billions, if not hundreds of billions, of euros in fines.
To address this single subject search gap, Senzing is launching G2 for GDPR. This software was developed to enable organisations to resolve who is who in their data, quickly and cost effectively, factoring in multiple databases, erroneous inputs, misspellings, duplications and different names and aggregating everything relevant for one data subject. This is designed to facilitate GDPR compliance.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now