UPDATED 11:00 EDT / APRIL 25 2017

INFRA

One in five execs fears new EU privacy rules could drive them out of business

Senior executives at 86 percent of organizations worldwide are concerned that failure to adhere to the European Union’s General Data Protection Regulation rules could have a major negative impact on their business.

Nearly 20 percent said the GDPR rules, which go into effect on May 25, 2018, could actually put them out of business. That’s according to a survey of more than 900 executives in Europe, the U.S. and Asia/Pacific by Veritas Technologies LLC.

The GDPR imposes a standardized set of rules on the patchwork of guidelines the 28 member nations currently apply to storing and transferring personal data. The EU defines personal data as including “anything from a name, a home address, a photo, an email address, bank details, posts on social networking websites, medical information or a computer’s IP address.” Companies can only retain personal data as long as it’s used for its original purpose, and organizations may be required to provide proof of deletion.

The rule’s impact is expected to be global because it affects any company doing business in Europe, whether or not it’s headquartered there. Its most controversial element is the penalties, which can be as high as $21 million per incident or 4 percent of the offending company’s annual revenues, whichever is greater.

Judging by the Veritas survey, companies are bracing for a significant hit because of noncompliance. Nearly half the executives surveyed said they have major doubts that they can meet the compliance deadline, and 21 percent are worried about having to lay off employees because of financial penalties for noncompliance.

Nearly a third of respondents worry that their current technology can’t manage data effectively enough to comply with auditing and data discovery demands. Almost 40 percent say they aren’t confident they can even locate relevant data at all, and 42 percent say they have no mechanism in place to determine which data should be saved or deleted based upon regulatory guidelines. Just 11 percent of respondents say they have no concerns about compliance.

Despite the deadline in little more than a year, less than a third of respondents say their organization is already prepared for GDPR. Asia/Pacific companies fare worst in this respect, with more than 60 percent of Japanese and Korean companies fearing they’ll fail to make the deadline. U.S. and Australian companies are most worried about business viability; one quarter of respondents in both countries say the rules could put them out of business.

The new rules take effect in 394 days.

Image: Flickr CC

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU