NEWS23 October 2017

Gap in GDPR readiness across Europe

Data analytics Europe GDPR News

EUROPE – A study has highlighted inconsistencies in the level of preparation and readiness for the General Data Protection Regulation (GDPR) across European countries.


With under nine months until GDPR comes into force, new research from Kaspersky Lab suggests inconsistencies in preparation amongst European IT professionals from one country to another.

The survey of over 2,000 IT decision-makers in organisations with more than 50 employees, across 11 European countries, found that the UK, France, Germany, Italy, Spain and the Netherlands show a higher level of readiness for GDPR in comparison to Belgium, Portugal, Denmark and Norway.

In the UK, half of respondents ( 49%) said they have a good knowledge of the regulation, closely followed by France ( 47%), Germany and Italy (both 46%).  The EU ‘big five’ are also more prepared for the changes, with four out of five decision-makers surveyed in the UK, France, Germany, Italy and Spain saying that preparations are well under way.

By contrast, the survey found that almost a third ( 29%) of Danish IT professionals have made little or no preparations so far, a trend echoed in Portugal ( 26%), Norway and Belgium.

In Belgium, a third ( 32%) of IT professionals surveyed said they had no awareness of GDPR other than hearing the name, while 16% said they had no awareness of it whatsoever.

In Norway, almost half ( 46%) of those surveyed said they are not confident that those responsible for handling personal data within their organisations are aware that existing laws are changing.

The regulation is due to come into force on 25 May 2018.

Adam Maskatiya, general manager, UK & Ireland at Kaspersky Lab, said: “Many businesses are putting themselves and their clients at risk by not making vital preparations and changes now to the way personal information is harvested and secured. Many of the businesses affected by the legislation will have operations across Europe so the preparation gap is particularly alarming as such businesses should be sharing information about compliance across their business and have a clear point of responsibility within their company.

“The deadline is the same for every company no matter their size, industry or location, so action needs to be taken now to get data handling practices up to scratch before the wrath of the regulators makes the impact of GDPR a bitter pill to swallow, rather than a good thing for the data health of an organisation.”