With less than 10 working days to go to GDPR D-Day, SMBs are feeling the pressure most. Over 4,000 took part in Mailjet’s recent active GDPR readiness test in the last 8 weeks and the top findings are:
- 80% continue to collect personal data from customers
- 67% still aren’t protecting it properly through encryption technologies
- US startups are generally better prepared than their European counterparts
Data protection:
- Despite low results, the United States is at the top of the data protection ranking with 53% of US startups stating they encrypt the data they process and 47% have a warning system in case of a breach that could put customer data at risk
- Europe is falling behind on this, particularly in France with only 21% of start-ups declaring they protect their data properly and 28% having an alert system in place
- The UK is the best positioned in the European ranking with 33% encrypting data and 44% have an intrusion or breach alert procedure
Data consent:
- French startups are again ranked last in Europe when it comes to seeking consumer consent (40%) and allowing consumers to simply withdraw it (53%)
- The UK is better positioned to obtain consent (50%) and to allow consumers to withdraw it easily (62%)
- However Spain tops the list for consent, with 60% seeking this and 75% incorporating straightforward withdrawal
- The results are more nuanced for the United States, half of respondents (50%) ensure that consent is obtained, but only 44% make it easy for clients to withdraw consent
Data minimisation (The principle of data minimisation consists in collecting only the data strictly necessary to achieve the objective):
- In Europe, the gap between France and the UK is notable with 80% of UK startups recognising the importance of data minimisation tactics compared to only 68% of French start-ups
- Spain again leads the charge with 84% only collecting necessary data and 80% in the US
Third-party providers compliance:
- Working with a supplier that is not GDPR compliant puts the reputation of companies at risk and exposes them to significant financial implications
- Yet around the world, the results are worrying with less than half of start-ups checking their suppliers’ compliance
- Germany in particular unfortunately comes bottom of the list, with only 37% ensuring their provider compliance whilst the US is top with 52%
[su_box title=”About Mailjet” style=”noise” box_color=”#336588″][short_info id=’60609′ desc=”true” all=”false”][/su_box]
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.