- Datenschutz PRAXIS - https://www.datenschutz-praxis.de - DatenschutzPraxis

GDPR: What’s the status of implementation at your organization?

There is an increasing number of surveys about the General Data Protection Regulation (GDPR). Please do not let yourself be confused. Instead, use the studies as a basis for your own internal research.

GDPR: Surveys show significant deficits

The General Data Protection Regulation (GDPR) is a key topic for the coming months, and not just for data protection officers.

This is evident from the numerous studies and surveys published recently by associations, consulting firms, and IT security providers. Nearly all the studies agree that there is a lot of work to do, both before 25 May 2018 and after.

Naturally, surveys regarding the GDPR implementation status in German companies have a specific focus. This is especially true for studies performed or commissioned by solution providers.

While this is understandable, it may also result in confusion at the companies. Gaining an overview of the various studies is therefore useful before deciding on a plan for determining the implementation status at your own company.

Overview of current results

Because the surveys use different sample sizes and company sizes, and because they target different industries, companies should not focus on percentages too much.

The focus should rather be to identify general weaknesses in the implementation for internal review.

Reviewing general weaknesses

The following results exemplify these facts:

Important: Find your own priorities

Do not use these percentages as the sole basis for prioritising your own list of weaknesses.

The differences between companies are too specific for deriving your own priorities from these statistics.

Summary: Determine the implementation status yourself, and act accordingly

The following checklist indicates typical weaknesses in the implementation of the GDPR that should be reviewed internally. Use the results to make recommendations for internal project planning to remedy deficiencies in the implementation.

Download: GDPR implementation checklist [7]

Time is tight – not just because the media will soon publish the next set of survey results, but because an actual deadline is approaching.

Oliver Schonschek
Oliver Schonschek is a physicist, analyst, and technical IT journalist for IT security and data protection.