May 2018 | Data Quality

GDPR enforcement is imminent

That’s why it’s a pivotal moment to observe how well geared up UK organisations are, as well as the changing perceptions of consumers around use of their data.

So, once again, we’ve teamed up with DataIQ to carry out the third instalment of this GDPR Impact Series research. Hot off the press, we were delighted to launch the report at a co-hosted DataIQ event last week where the guest panel, including our own Paul Malyon, got to grips with key priorities and tips for getting ready. You can read more about the discussion in DataIQ’s round up here.

We believe the research delivers the industry benchmark for tracking GDPR readiness – the results are both fascinating and highly encouraging. I’d recommend a read if you want to get a true sense of the current landscape as 25th May approaches. To give you a feel for the headlines here’s my take on the findings, along with a few key stats.

Savvy consumers + more clued up organisations = good progress

Without a doubt, consumer expectations have shifted dramatically since 2016. They are more savvy than ever about the use of their personal data and organisations need to act responsibly when it comes to managing it. As consumer awareness of the change in data protection laws is at an all-time high, it creates an opportunity for organisations to have valuable and transparent conversations with their customers about their personal data. This helps to create trust, and consumers who already know about the law and trust the organisation are more likely to share their data.

For organisations, it’s clear that the GDPR is being taken seriously, and rightly so. We can clearly see that fostering vital trust with consumers comes with a distinct set of obligations and an expectation to keep data clean, secure and, up-to-date. In terms of funding for their GDPR programmes, two-thirds say the Board is their main source, with Finance close behind.

This highlights how potentially impactful the regulation is set to be on business processes and goes a long way to explain why efforts to address the changes are backed at the highest level. This mindset is also reflected in our recent Global Data Management Research which uncovered that 72% of UK organisations believe that the GDPR presents an opportunity to refine their data management strategy.

The start of a new regulatory era

While the first chapter of the GDPR journey is coming to a close, it’s the beginning of a new regulatory era. Despite great progress having been made, there’s still a lot to do as we enter an era where privacy by design must be the norm and managing personal data is well planned, governed, and founded in ethical data practises.

We hope that this report will help organisations to transition their preparations into business-as-usual processes. I truly believe that those organisations which are meeting the challenges head-on will start to see the fruits of their labour, not just in terms of being compliant, but as a vehicle for building trust and strengthening relationships with their customers.

Five key findings from the report

Six out of ten consumers now say they are aware – either ‘fully’ or ‘somewhat’ – of a new data protection law. This has reversed the position from last year when six out of ten said they were either only ‘slightly’ aware or had heard nothing about it.

The number of consumers who say they are happy to share their data if they trust the company (‘Trusting’) has nearly doubled between 2016 and 2018, from 16% to 30%. At the same time, the number who prefer not to share (‘Cautious’) has fallen from nearly half (49%) to one third (32%).

Virtually every organisation in the UK is ‘very’ or ‘somewhat’ aware of GDPR, with a significant increase in those most aware from 46% in 2016 to 84.3% in 2018. One quarter (25.4%) are now ‘very prepared’ with a further 61% ‘somewhat prepared’, up a combined 30% since 2016.

As awareness and preparation for GDPR has risen, so has maturity in the adoption of data and analytics – 62.7% of organisations now place themselves in the upper two quintiles of ‘Managed’ or ‘Optimised’, up from 39% in 2016.

To underline the seriousness with which the GDPR is being taken, two-thirds of organisations (68.5 %) say the Board is their leading source of funding for compliance programmes, with Finance in second place (46%).

We offer a range of services to support organisations as they navigate GDPR compliance and move into the next phase of maintaining their regulatory compliance as the norm.

Please note that while we can support businesses with their preparations for the GDPR, we cannot offer legal counsel or compliance advice.