• by Ray Schultz , January 30, 2018

Only 40% of European companies are prepared for the General Data Protection Regulation (GDPR), according to a study by Senzing.

Of 1,015 companies surveyed, 60% are not “GDPR ready,” and 36% are GDPR-challenged, Senzing reports. And many are worried about it.

For instance, 44% of companies from the five largest EU economies are concerned about their ability to comply with GDPR. And the larger they are, the more concerned they are.

Of those surveyed, 60% of large companies are concerned. In comparison, 55% of SMEs and 34% of micro businesses say the same thing.

The country with the highest level of concern is in Spain, where 76% of all executives are concerned about GDPR, and 41% are "very concerned."

On average, a company can expect to get 89 GDPR inquiries per month. To answer, they will need to search an average of 23 databases, with each taking about five minutes. The result: Firms will spend 10,300 minutes, or 172 hours, a month.

It’s worse for large outfits — they expect 246 inquiries per month, for which they will have to search 43 databases, with each search taking more than seven minutes. This equates to 75,500 minutes, or 1,259 hours.

Compounding this problem is that 12% just don’t know where all their data is stored, and less than half are “very confident” that they know where it is housed.

France is the least confident among the countries surveyed, with 27% saying they are not certain where their data is housed. In addition, 30% of French firms are not confident that they have accounted for all databases. 

In contrast, 13% in Italy feel the same way, and 12% in the UK. 

“You can’t search what you can’t find,” states Jeff Jonas, founder and CEO of Senzing. "Finding out who is who and where their data is should be the first principle of GDPR compliance."

What are they doing about it? The study found that:

Overall, only 39% of all firms plan to overhaul their IT/customer data systems. That includes 64% of the large companies and 48% of the SMEs.

But 38% expect to do nothing because their systems are already optimal, they say. Small firms are more likely to feel that way — 27%, compared with 16% of large businesses.

Meanwhile, only 35% are aware of the severe penalties, and 30% say the fines will have no impact. And 15% don’t know.   

One takeaway: “This is more than simply about being GDPR compliant,” states James Canton, chairman of the Institute for Global Futures, according to the report. “Society is unprepared for knowledge extraction and the demands for faster decision-making that our customers and markets, our planet, will require for high performance, competitive advantage and likely survival in the future.”