GDPR deadline looms – help for small stores

Many companies are behind schedule to achieve Global Data Protection Regulation (GDPR) compliance by the looming May 25 deadline. Around 40% of companies only expect to achieve compliance with the regulation after the deadline.

That’s the finding of a major survey sponsored by international law firm McDermott Will & Emery and carried out by the Ponemon Institute.

The McDermott-Ponemon study surveyed companies across the US and Europe on their understanding of the impact of GDPR and their readiness for it. Key findings of this important benchmark survey are:

  • 52% of the companies responded that they expect to be compliant on or before the May 25 deadline, with an additional 40% expect to become compliant after the deadline, and 8% not sure when they will achieve compliance.
  • 60% of respondents say GDPR will “significantly change” their organisations’ workflows regarding the collection, use and protection of personal information.
  • The difficulty in preparing for data breach notification, a cornerstone of the regulation, is the most difficult obligation according to 83% of respondents – with 68% saying that inability to comply with the notification requirement poses the greatest risk to their company.

The full survey results can be accessed and downloaded here.

UK retailers concerned about the regulation should study the Information Commissioner’s Office Guide to GDPR..

Advice for small stores and businesses is available here.

A full summary with health food stores in mind is available in the latest issue of Better Retailing Magazine (Spring 2018, pages 28-30).

Read more Insights here...