New Spiceworks Research Reveals Most IT Departments Are Unprepared for GDPR and Unconcerned About Potential Fines
Survey finds IT departments in the U.S. are significantly less prepared and concerned about GDPR than their counterparts in the U.K. and the rest of the EU
/EINPresswire.com/ — AUSTIN, TX–(Marketwired – Jun 27, 2017) – Spiceworks, the professional network for IT, today announced the results of a new survey that explores how IT departments are preparing for the General Data Protection Regulation (GDPR) due to go into effect in May 2018. The research, GDPR: The Impact on IT, reveals that although many IT professionals are in favor of GDPR, a majority are not currently preparing their organization for compliance due to a lack of resources, prioritization, and information on the steps they need to take to comply. The findings indicate organizations in the United States are significantly less prepared for GDPR and less concerned about potential fines than their counterparts in the United Kingdom and the rest of the European Union (EU).
The survey results show 40 percent of organizations in the U.K. and 28 percent in the rest of the EU have started to prepare for GDPR, compared to only 5 percent in the U.S. Additionally, only 2 percent of IT professionals in the U.S., 5 percent in the U.K., and 2 percent in the rest of the EU believe their company is fully prepared for GDPR. Forty-three percent of IT professionals in the U.S. don’t believe GDPR will impact their organization at all, compared to only 3 percent in the U.K. and 9 percent in other EU countries.
Among those that do believe they’ll be impacted, the results show U.S. IT departments are the least concerned about potential GDPR fines if their organization doesn’t comply. While only 10 percent are concerned about facing major fines in the U.S., nearly one-third are concerned in the U.K. and the rest of the EU. However, only 9 percent of IT professionals in the US believe they’re informed about GDPR and its impact on businesses, compared to 43 percent in the U.K. and 36 percent in other EU countries.
“Some organizations, particularly in the U.S., believe they’ll be exempt from the EU-centric regulations and potential fines, but a massive knowledge gap still exists around how GDPR will impact businesses,” said Peter Tsai, senior technology analyst at Spiceworks. “Considering GDPR impacts every organization in the world that collects data on EU residents, many IT departments might have to scramble to comply with the regulation next year if they incorrectly assume GDPR doesn’t apply to them.”
Nearly half of IT departments aren’t preparing for GDPR due to a lack of prioritization
Organizations that plan to prepare for GDPR are taking steps to document processes to prove compliance, while other common steps include training employees, conducting data audits, changing data management policies, and working with third-party consultants.
However, 15 percent of IT departments in the U.K., 14 percent in the rest of the EU, and 21 percent in the U.S. have no plans to prepare for GDPR in the next 12 months. Among those IT departments, nearly 50 percent said they aren’t preparing because it’s not a priority at their organization. Many IT professionals also don’t understand the requirements while others lack the time, resources, and budget necessary to prepare.
Many IT professionals support GDPR but believe it will make their jobs more difficult
Although most businesses are not currently preparing for GDPR, the results show 65 percent of IT professionals in the U.K. and 59 percent in the rest of the EU are in favor of the data privacy regulations contained within GDPR. By contrast, only 37 percent of IT professionals in the U.S. are in favor of the regulations.
Despite their support for GDPR, many IT professionals have concerns about the upcoming deadline in May 2018. More than one-third of IT professionals said the steps to comply are unclear while others are concerned their management doesn’t understand the impact of the regulations. Additionally, many IT professionals are worried GDPR will increase complexity in the IT market, make their jobs more difficult, and require a significant amount of user training.
“No matter if you live in the U.S. or the EU, it’s important to at least start researching how GDPR may (or may not) apply to your organization,” said Brian Sandison, network and server technician based in Scotland. “IT departments have a duty to ensure management understands the requirements and implications of these regulations so they’re not caught off guard. Because if a company disregards the regulations and gets fined, the blame will more than likely be placed on the IT team.”
The survey was conducted in June 2017 and included 779 respondents from the United States, the United Kingdom, and the rest of the European Union. Respondents are among the millions of IT professionals in Spiceworks and represent a variety of company sizes, including small-to-medium-sized businesses and enterprises. Respondents come from a variety of industries including manufacturing, healthcare, nonprofits, education, government, and finance. For more information and a complete list of survey results, visit https://community.spiceworks.com/research/gdpr-impact-on-it.
About Spiceworks Voice of IT
Spiceworks’ Voice of IT shares statistics, trends, and opinions collected from millions of IT professionals on the global technology issues that are important to them. For other Spiceworks Voice of IT reports visit: www.spiceworks.com/research.
Spiceworks is the professional network millions of IT professionals use to connect with one another and thousands of technology brands. The company simplifies how IT professionals discover, buy and manage an estimated $600 billion in technology products and services each year. Headquartered in Austin, Texas, Spiceworks is backed by Adams Street Partners, Austin Ventures, Institutional Venture Partners (IVP), Goldman Sachs, Shasta Ventures and Tenaya Capital. For more information visit http://www.spiceworks.com.
Spiceworks and Voice of IT are registered trademarks of Spiceworks, Inc. All other names may be trademarks or registered trademarks of their respective owners.