Two-thirds of responding IT pros didn’t even know if personal data could be purged entirely from their systems.
Another day, and another survey showing organizational uncertainty about preparation for the General Data Protection Regulation (GDPR), now less than three months away.
In this one, enterprise data management firm Solix conducted an online survey with more than 100 companies. While the sample was relatively small, the respondents were all IT professionals, thus giving some insight into where those departments are:
- Two-thirds of the respondents didn’t know if individuals’ personal data could be purged entirely from their systems.
- Twenty-two percent were not aware they needed to comply with the GDPR if they captured and maintained data of European Union citizens, since they are based outside the U.S. (Many experts say they do.)
- Nearly 40% said that personal data at their companies is not protected from misuse and unauthorized access throughout its lifecycle.
- Sixty-four percent of responding organizations don’t have a Data Protection Officer, as required by GDPR.
- More than half don’t know if they have explicit consent from individuals for processing of their personal data.
The big takeaway, Solix Technologies’ Executive Chairman John Ottman told me, is that “not only are most companies not ready, most do not understand the extent of their obligations.”