A new survey from WinMagic, asked IT leaders in the U.S., UK, Germany and France about their current data policies to see how well aligned they are with the EU General Data Protection Regulation (EU GDPR), which comes into force on May 25, 2018. The findings, released today, suggest many still have a great deal of preparatory work to undertake, to avoid substantial non-compliance fines in the future.
The survey of 500 IT Decision Makers did not name EU GDPR in its questions, but asked about areas of policy that would be impacted by the regulation. It found 54% could not say all personally identifiable information was protected through anonymisation and encryption in all digital locations. This alone could mean companies do not meet the “appropriate level of security” requirement specified in Article 32 of the regulation.
In terms of protecting EU citizens from data breaches, the survey found companies do not currently have the processes or technology in place to adequately meet EU GDPR requirements around data breaches:
The EU GDPR regulations also state that “appropriate technical and organizational measures” should be in place to safeguard personal data and minimize data collection, processing and storage. Asked about key areas of data processing, several weaknesses were identified that could leave companies at risk, if not addressed:
Originally published on GDPR.Report