GDPR Preparedness by the Numbers: What the Data Says
Under the General Data Protection Regulation (GDPR), everything you’ve taken for granted when it comes to data collection on your website is now coming to an end. From retargeting campaigns to behavioral tracking, companies will need full visibility into not only what data they’re collecting and how they’re using it, but how their vendors are using it. And in many cases, they are going to need get consent from the user before they can even begin to execute many of their marketing initiatives.
It’s not a challenge that can be solved overnight; companies need mature data governance plans in place come May of this year. Given the areas of an organization that will be affected, it will require people, processes and technology to comply with the GDPR’s multi-faceted requirements, one of which is making sure their websites and applications are GDPR-compliant.
Given how high the stakes are (fines of up to 4% of annual global turnover or €20 Million (whichever is greater), we thought it’d be interesting to see where companies are in their GDPR preparation process. So, we commissioned Forrester late last year (September) to conduct a survey where they asked 263 data and compliance professionals from the US, UK, Germany, and France at organizations with 100+ employees what they’re doing to prepare for the new law.
Here’s an infographic that sums up the data. Some key takeaways:
- Most companies have been preparing for GDPR for a long time. Those that haven’t started preparing for GDPR are in the minority: 72% of firms started preparing for the GDPR over a year ago, prior to September 2016.
- A majority of companies recognize that the GDPR’s complexity around how data is handled requires a digital governance plan: 74% plan to have a digital governance strategy in place by May 2018.
- Companies are investing heavily into making sure they are GDPR-compliant, indicating that they are taking the law and its consequences seriously. They’re even planning on increasing spend in the future, which likely means they’re anticipating enforcement of the law will grow not ebb: 48% of have an initial establishing budget of $1M+. 58% have an annual maintaining budget of $1M+.
- Realizing that they will be held accountable for all data collection happening on their websites by third-parties, over half plan to more closely manage vendor relationships under the GDRP: 64% plan to continuously audit vendors to ensure compliance. 60% plan to only work with vendors that are compliant.
- There is a real concern that complying with the GDPR could undermine the customer experience: 39% anticipate the challenge of balancing compliance with exceptional CX when the GDPR goes into effect.
- Ultimately, companies believe that there is upside with the GDPR, such as improved customer satisfaction, loyalty, and increased engagement.
- More than a quarter of companies (29%) think the GDPR will help them better personalize digital experiences.
If you’d like to learn more, you can download a complimentary copy of the entire Forrester study, “Embracing The GDPR To Gain A Competitive Advantage.”