UK and US multinationals overconfident about own GDPR readiness

UK and US multinationals overconfident about own GDPR readiness
29 Jan 2018

Although more than 90% of the largest US and UK companies claim they are ready for the European Union’s General Data Protection Regulation (GDPR), the vast majority are seriously overestimating their own preparedness, a study has found.

A survey by law firm Paul Hastings  of general counsels and chief security officers in the FTSE 350 and Fortune 500 revealed that only 39% of UK and 47% of US firms are setting up an internal GDPR task force.

A third of organisations across both regions are hiring a third party to conduct a GDPR gap analysis and, in the UK, the same proportion have taken on a third-party consultant or counsel to assist with compliance. The figure is slightly higher in the US at 37%.

Although appointing a data protection officer is a key requirement for GDPR readiness, only 29% of UK enterprises have hired one. The figure falls to 18% among US firms.

Despite this situation, 94% of FTSE 350 companies claim to be ready for the GDPR, with the number jumping to 98% on the Fortune list.

 

Emma Woollacott is a freelance business journalist. Her work has appeared in a wide range of publications, including the Guardian, the Times, Forbes and the BBC.

 

Although more than 90% of the largest US and UK companies claim they are ready for the European Union’s General Data Protection Regulation (GDPR), the vast majority are seriously overestimating their own preparedness, a study has found.

A survey by law firm Paul Hastings  of general counsels and chief security officers in the FTSE 350 and Fortune 500 revealed that only 39% of UK and 47% of US firms are setting up an internal GDPR task force.

A third of organisations across both regions are hiring a third party to conduct a GDPR gap analysis and, in the UK, the same proportion have taken on a third-party consultant or counsel to assist with compliance. The figure is slightly higher in the US at 37%.

Although appointing a data protection officer is a key requirement for GDPR readiness, only 29% of UK enterprises have hired one. The figure falls to 18% among US firms.

Despite this situation, 94% of FTSE 350 companies claim to be ready for the GDPR, with the number jumping to 98% on the Fortune list.

 

Emma Woollacott is a freelance business journalist. Her work has appeared in a wide range of publications, including the Guardian, the Times, Forbes and the BBC.