NEWS17 May 2018

Majority of companies unlikely to be GDPR compliant in time

Data analytics Europe GDPR News North America Privacy UK

UK – With the General Data Protection Regulation (GDPR) coming into effect on 25 May, research from Capgemini suggests 85% of companies in Europe and the US will not meet the deadline for compliance.

EU data privacy abstract image

British businesses are the most prepared in Europe for GDPR, yet only 55% report that they will be largely or completely compliant, the research found. Of the UK companies surveyed, 15% said GDPR implementation is not a priority.

Spain ( 54%), Germany ( 51%) and the Netherlands ( 51%) follow closely behind the UK for readiness, while only a third ( 33%) of Swedish companies said they will be largely or completely compliant by 25 May. The study’s findings also suggest that one in four firms will not be fully compliant even by the end of 2018.

Capgemini’s Digital Transformation Institute surveyed 1,000 executives from organisations with revenue of over $1bn in France, Germany, Italy, the Netherlands, the UK, the USA, Sweden, and Spain.

The research also spoke to 6,000 consumers across France, Germany, Italy, the Netherlands, the UK, Sweden, and Spain, finding that consumers spend more with organisations when they believe their data is protected, and are more likely to stop doing business with an organisation found to be non-compliant.

Businesses are also potentially overlooking the commercial opportunities of GDPR, with 31% focusing on compliance only – despite 39% of consumers saying they had purchased more products from firms that they are convinced protect their personal data. Furthermore, 40% of consumers said they have transacted more frequently with such organisations.

The research suggests another area of disconnect – while 71% of executives believe consumers will not take significant action against firms post-GDPR, over half ( 57%) of consumer respondents said they would (such as reducing spend or stopping doing business with them) if they know an organisation is failing to protect their data.

Additionally, eight in 10 companies say customers trust their organisation with the privacy and security of data, with only half ( 52%) of consumers in agreement.

Willem de Paepe, global GDPR leader at Capgemini, said: "Executives now have a great chance to use GDPR to create a customer-first privacy strategy. That business opportunity is significant. Beyond gaining consumer confidence and increased spending, knowing exactly what data is held allows firms to use analytics more effectively and improve operations."