Companies Unprepared for Right to be Forgotten and EU GDPR

By   ISBuzz Team
Writer , Information Security Buzz | Jan 14, 2016 05:00 pm PST

Although 46 Percent of Global Organizations Received Customer Requests to Remove Data in Last 12 Months, 41 Percent Lack Defined Processes, Documentation & Technology, According to Blancco Technology Group Study

To kick off the formal ratification of the EU General Data Protection Regulation by the European Council in early 2016, Blancco Technology Group today released its new data privacy study, EU GDPR: A Corporate Dilemma. Based on a survey of over 500 global IT professionals across more than 20 types of businesses, the study indicates that organizations lack defined processes, documentation and technology to adequately address the “right to be forgotten” and require major overhauls of their data collection and removal programs to ensure EU GDPR compliance. Although 46 percent of global IT professionals received customer requests to remove data in the last 12 months, 41 percent said they do not have defined processes, documentation and technology/tools for data removal.

“Because the EU GDPR negotiations stretched on for the last four years, many organizations held out hope that an agreement would be postponed, or if things went the way they hoped, the negotiating parties would never come to agreement,” said Pat Clawson, CEO of Blancco Technology Group. “But now that the EU GDPR is a reality and the new privacy rules will be ratified by the European Council in early 2016, many organizations have a considerable amount of work ahead of them to align their IT governance and data protection programs with both regulatory and customer demands.”

Key corporate security trends that surfaced from the study include:

  • While awareness of GDPR is high (48 percent) among global IT professionals, their level of preparation is much lower. 40 percent admit to being less than fully prepared – with 16 percent still needing to find the right data removal software, 9 percent uncertain of how and where to start, and finally, 15 percent not even knowing if they are prepared.
  • Lack of documentation, processes and tools increases the likelihood of GDPR violations. 60 percent of the surveyed IT professionals stated that it would take their organization up to 12 months to implement the necessary IT processes and tools to pass a “right to be forgotten” audit, while 25 percent do not know how long it would take.
  • Data erasure software (48 percent) tops the list of the most valuable type of technology to ensure GDPR compliance, followed by encryption key removal tools (26 percent) and malware removal tools (10 percent).
  • IT professionals inside and outside of Europe (65 percent) are keen to implement data protection laws similar to the framework of EU GDPR.

Clawson concluded, “If organizations want to be ready for GDPR compliance by 2018, they will need to assess their current weaknesses. Once they have done so, they will need to develop end-to-end data lifecycle management processes, create transparent processes and customer communications regarding their data removal methods/tools, and finally, improve their security posturing as a whole to include detection and response and the gathering and sharing of threat intelligence.”

Due to the stringent requirements and penalties imposed by the new law, companies are advised to follow a 12-step action plan to fully prepare for compliance by 2018.

[su_box title=”About Blancco Technology Group” style=”noise” box_color=”#336588″]ff_1Blancco Technology Group is a leading, global provider of mobile device diagnostics and secure data erasure solutions. We help our clients’ customers test, diagnose, repair and repurpose IT devices with the most proven and certified software. Our clientele consists of equipment manufacturers, mobile network operators, retailers, financial institutions, healthcare providers and government organizations worldwide. The company is headquartered in Alpharetta, GA, United States, with a distributed workforce and customer base across the globe.

Blancco, a division of Blancco Technology Group, is the global de facto standard in certified data erasure. We provide thousands of organizations with an absolute line of defense against costly security breaches, as well as verification of regulatory compliance through a 100% tamper-proof audit trail.

SmartChk by Xcaliber Technologies, a division of Blancco Technology Group, is a global innovator in mobile asset diagnostics and business intelligence. We partner with our customers to improve their customers’ experience by providing seamless solutions to test, diagnose and repair mobile assets. SmartChk (or Xcaliber Technologies) provides world-class support, pre and post implementation, allowing our customers to derive measurable business results.[/su_box]


Notify of
0 Expert Comments
Inline Feedbacks
View all comments

Recent Posts

Would love your thoughts, please comment.x