More than two months after the European Union’s (EU) General Data Protection Regulation (GDPR) came into effect, a mere 34.5% of US professionals involved in compliance efforts say their organisations can defensibly demonstrate that they are conforming to it.
A new Deloitte poll of nearly 500 professionals found that a third of respondents hoped to be compliant at some point in 2018. But 11.7% plan to take a 'wait-and-see' approach amid uncertainty over how EU regulators in various countries will enforce the new legislation.
In Spain, for example, a law has just been passed to give businesses time to update data processing contracts entered into before the GDPR took effect, according to Out-Law.
Data processing agreements signed before 25 May will remain in force until the expiration date stated in the contracts or, if no date is stipulated, until 25 May 2022. But both the data controller and data processor can demand that their agreement is updated to reflect the new requirements on third party processing set out in article 28 of the GDPR.
In the UK, meanwhile, there has been a fivefold increase in the number of organisations that have issued personal data breach notifications in the first month after the GDPR came into force, the Information Commissioner's Office has revealed.
In June, there were 1,792 personal data breach notifications, a 173% rise on the 657 reported the previous month, and an almost fivefold increase on April when there were just 367. The sectors accounting for the highest number of self-reported data breaches were health, education, general business, solicitors and barristers, and local government, reported Business Cloud.
Emma Woollacott is a freelance business journalist. Her work has appeared in a wide range of publications, including the Guardian, the Times, Forbes and the BBC.
OTHER ARTICLES THAT MAY INTEREST YOU
Seven tips for getting on top of GDPR
More than two months after the European Union’s (EU) General Data Protection Regulation (GDPR) came into effect, a mere 34.5% of US professionals involved in compliance efforts say their organisations can defensibly demonstrate that they are conforming to it.
A new Deloitte poll of nearly 500 professionals found that a third of respondents hoped to be compliant at some point in 2018. But 11.7% plan to take a 'wait-and-see' approach amid uncertainty over how EU regulators in various countries will enforce the new legislation.
In Spain, for example, a law has just been passed to give businesses time to update data processing contracts entered into before the GDPR took effect, according to Out-Law.
Data processing agreements signed before 25 May will remain in force until the expiration date stated in the contracts or, if no date is stipulated, until 25 May 2022. But both the data controller and data processor can demand that their agreement is updated to reflect the new requirements on third party processing set out in article 28 of the GDPR.
In the UK, meanwhile, there has been a fivefold increase in the number of organisations that have issued personal data breach notifications in the first month after the GDPR came into force, the Information Commissioner's Office has revealed.
In June, there were 1,792 personal data breach notifications, a 173% rise on the 657 reported the previous month, and an almost fivefold increase on April when there were just 367. The sectors accounting for the highest number of self-reported data breaches were health, education, general business, solicitors and barristers, and local government, reported Business Cloud.
Emma Woollacott is a freelance business journalist. Her work has appeared in a wide range of publications, including the Guardian, the Times, Forbes and the BBC.
OTHER ARTICLES THAT MAY INTEREST YOU
Seven tips for getting on top of GDPR
