Solix survey supplies more evidence of GDPR unreadiness

Another day, and another survey showing organizational uncertainty about preparation for the General Data Protection Regulation (GDPR), now less than three months away.

In this one, enterprise data management firm Solix conducted an online survey with more than 100 companies. While the sample was relatively small, the respondents were all IT professionals, thus giving some insight into where those departments are:

• Two-thirds of the respondents didn’t know if individuals’ personal data could be purged entirely from their systems.
• Twenty-two percent were not aware they needed to comply with the GDPR if they captured and maintained data of European Union citizens, since they are based outside the U.S. (Many experts say they do.)
• Nearly 40% said that personal data at their companies is not protected from misuse and unauthorized access throughout its lifecycle.
• Sixty-four percent of responding organizations don’t have a Data Protection Officer, as required by GDPR.
• More than half don’t know if they have explicit consent from individuals for processing of their personal data.

The big takeaway, Solix Technologies’ Executive Chairman John Ottman told me, is that “not only are most companies not ready, most do not understand the extent of their obligations.”

Infographic by Solix

Some companies are promoting blockchain-based technologies as a possible technical solution to GDPR’s requirements. But, interestingly, Ottman said that the transparency-oriented blockchain is “incompatible with GDPR” because it doesn’t readily accommodate privacy.

While Solix is not exactly an impartial observer — it offers GDPR consulting — the survey’s assessment of IT managers does contribute more evidence that the majority of companies that need to be compliant with GDPR’s launch on May 25 are not ready.

It is also consistent with other surveys. In January, for instance, a study by email provider Mailjet found that nearly two-thirds of startups weren’t compliant with GDPR.

Last month, a Forrester survey of 395 security decision-makers at companies with more than 20 employees found that only about 30 percent were GDPR-compliant — and even those may not be. At the end of last year, Forrester predicted that as many as 80 percent of companies will not comply.

Of the 100+ companies surveyed by Solix, 40 percent were in North America, 40 percent in EMEA and 20 percent elsewhere. They were all customers, prospects or registered users of Solix, or they were attendees of European conferences.

[Article on MarTech Today.]

About The Author

Barry Levine

Barry Levine covers marketing technology for Third Door Media. Previously, he covered this space as a Senior Writer for VentureBeat, and he has written about these and other tech subjects for such publications as CMSWire and NewsFactor. He founded and led the web site/unit at PBS station Thirteen/WNET; worked as an online Senior Producer/writer for Viacom; created a successful interactive game, PLAY IT BY EAR: The First CD Game; founded and led an independent film showcase, CENTER SCREEN, based at Harvard and M.I.T.; and served over five years as a consultant to the M.I.T. Media Lab. You can find him at LinkedIn, and on Twitter at xBarryLevine.