GDPR Compliance Trends

GDPR Compliance Trends and Statistics

2019 GDPR Implementation Trends

2019 GDPR Compliance Trends

In November 2018, we surveyed over 150 management and IT professionals from the United States, United Kingdom, and European Union about their implementation of the EU General Data Protection Regulation (GDPR) since the May 25th, 2018 GDPR effective date. This data visualization is an analysis of their collected responses.

How Prepared are Organizations with GDPR Compliance?

• Extremely prepared: 9%
• Moderately prepared: 32%
• Somewhat prepared: 32%
• Slightly prepared: 16%
• Not prepared at all: 11%

How Important Is GDPR Compliance?

• High Priority: 45%
• Medium Priority: 29%
• Low Priority: 17%
• Not a Priority: 4%
• What is GDPR?: 5%

How Will Organizations Meet GDPR Requirements?

• Hire someone to help: 21%
• Do it ourselves: 71%
• Not worried about GDPR: 6%
• What is GDPR?: 2%

What Other Mandates Are Organizations Required to Follow?

• PCI DSS: 92%
• HIPAA: 27%
• SOC (Type 1 or 2): 21%
• ISO (2700): 15%
• FISMA: 8%

Takeaways

• 74% consider GDPR compliance a medium to high priority for their organization.
• 92% also comply with the Payment Card Industry Data Security Standard (PCI DSS).
• 21% will hire a third party to help them meet GDPR requirements.
• 41% consider themselves at least moderately prepared for GDPR compliance.

GDPR Compliance: UK vs. US Organizations

https://info.securitymetrics.com/gdpr-analysis-uk-vs-us

2018 GDPR Compliance Trends: UK vs. US Organizations

We interviewed over 500 management and IT professionals in the United States and the United Kingdom about their preparation for the EU General Data Protection Regulation (GDPR). This data visualization is an analysis of their collected responses.

How Important Is GDPR Compliance?

US

• High Priority: 32%
• Medium Priority: 27%
• Low Priority: 18%
• Not a Priority: 4%
• What is GDPR?: 19%

UK

• High Priority: 44%
• Medium Priority: 13%
• Low Priority: 5%
• Not a Priority: 3%
• What is GDPR?: 35%
  

How Will Organizations Meet GDPR Requirements?

US

• Hire someone to help: 32%
• Do it ourselves: 57%
• Not worried about GDPR: 9%
• What is GDPR?: 2%

UK

• Hire someone to help: 17%
• Do it ourselves: 42%
• Not worried about GDPR: 5%
• What is GDPR?: 36%
  

Takeaways

• 59% of US respondents consider GDPR compliance a medium to high priority for their organization.
• 57% of UK respondents consider GDPR compliance a medium to high priority for their organization.
• 11% of US respondents either didn't know what GDPR was or were not worried about it.
• 41% of UK respondents either didn't know what GDPR was or were not worried about it.

How Prepared Are US Organizations for the GDPR?

https://info.securitymetrics.com/gdpr-analysis-us

How Prepared Are US Organizations for the GDPR?

We interviewed over 250 management and IT professionals in the United States of America about the EU General Data Protection Regulation (GDPR) and their GDPR compliance efforts. This data visualization is an analysis of their collected responses.

How Important Is GDPR Compliance

• High Priority: 32%
• Medium Priority: 27%
• Low Priority: 18%
• Not a Priority: 4%
• What is GDPR?: 19%

GDPR Readiness for the May 25th, 2018 GDPR Implementation Date

• Extremely Ready: 2%
• Moderately Ready: 22%
• Somewhat Ready: 36%
• Slightly Ready: 16%
• Not at All Ready: 24%

How Will Organizations Meet GDPR Requirements

• Hire someone to help: 32%
• Do it ourselves: 57%
• Not worried about GDPR: 9%
• What is GDPR?: 2%

Takeaways

• 86% of respondents also have to comply with the Payment Card Industry Data Security Standard (PCI DSS).
• 41% of respondents also have to comply with the Health Insurance Portability and Accountability Act of 1996 (HIPAA).
• On average, 24% US respondents consider themselves at least moderately ready for the May 25th, 2018 GDPR implementation date (as of January-April 2018).
• 60% of respondents consider GDPR compliance a medium to high priority for their organization.
  

How Prepared Are UK Organisations for the GDPR?

http://info.securitymetrics.com/gdpr-analaysis-uk

HOW PREPARED ARE UK ORGANISATIONS FOR THE GDPR?

We interviewed over 250 management and IT professionals in the United Kingdom about the EU General Data Protection Regulation (GDPR) and their GDPR compliance efforts. This data visualization is an analysis of their collected responses.

Estimated Annual GDPR Budget

• <$200: 55%
• $201-1,000: 32%
• $1,001-3,000: 4%
• $3,001+: 9%

GDPR Readiness for the May 25th, 2018 GDPR Implementation Date

• 0%: 14%
• 10%: 3%
• 20%: 6%
• 30%: 3%
• 40%: 4%
• 50%: 15%
• 60%: 10%
• 70%: 14%
• 80%: 19%
• 90%: 2%
• 100%: 10%

How Important Is GDPR Compliance

• High priority: 44%
• Medium priority: 13%
• Low priority: 5%
• Not a priority: 3%
• What is GDPR?: 35%

How Will Organizations Meet GDPR Requirements

• Hire someone to help: 17%
• Do it ourselves: 42%
• Not worried about GDPR: 5%
• What is GDPR?: 36%

Takeaways

• 62% of respondents also comply with the Payment Card Industry Data Security Standard (PCI DSS).
• On average, UK respondents are about 54% ready for the May 25th, 2018 GDPR implementation date (as of February-March 2018).
• 57% of respondents consider GDPR compliance a medium to high priority for their organisation.