NEWS6 November 2015

Half of US businesses unaware of EU data changes

GDPR North America Privacy

US — Just half of US-based businesses are aware of the imminent General Data Protection Regulation (GDPR), according to new research.

The GDPR is designed to be a single law that unifies data protection within the EU, as the current EU Data Protection Directive 95/46/EC was judged not to consider aspects such as globalisation and technological developments like social networks and cloud computing sufficiently. The new law is slated to become law by the end of 2015 and will mandate that all companies with EU customers follow the new rules, regardless of where they’re based.

A study carried out by TRUSTe, a provider of data privacy management solutions, gathered responses from around 200 individuals with knowledge of data privacy from companies with over 250 employees in the US, UK, France and Germany. Results showed that knowledge of the GDPR was highest among financial services companies, at 58%, and lowest among tech companies, at 43%.

“The GDPR represents the most significant global development in data protection law in the last twenty years and for many US companies will require a complete restructuring of the way they currently collect, store and transfer personal data,” said Chris Babel, TRUSTe CEO. “Despite over four years of high profile negotiations, half of companies are still unaware and there is a worrying chasm between those who are actively preparing and those blind to the changes ahead.”

The full report can be accessed here.