Most Indian organisations struggling with GDPR compliance: EY Survey
Over 63 per cent of respondents who were aware about the regulation and its requirements reported that they were non-compliant.
A recent survey by professional services firm EY says most companies in India are struggling to comply with the EU's General Data Protection Regulation, brought in for data protection and privacy of individuals in May 2018. Over 63 per cent of respondents who were aware about the regulation and its requirements reported that they were non-compliant.
EY surveyed 77 C-Suite leaders that include privacy experts, legal heads and IT executives/managers, representing diverse industrial segments for the report. These include many large globally recognized organizations and key government entities, it said. The survey report revealed that 76 per cent of organisations who participated in the survey, are yet to comply with their own information governance policy; while 45 per cent continue to battle in their GDPR compliance journey.
According to the survey, a fourth of survey respondents belonged to organizations that are offering goods and services in the EU, but still are unaware of GDPR requirements and its impact. However, there is some good news too as 80 per cent organizations that are aware of GDPR have proactively initiated their compliance journey towards it. IT/ITeS sector has taken a lead in terms of its GDPR compliance.
"Of the 31 per cent organizations which believe that they are compliant, IT/ITeS organizations have taken a lead with 65 per cent belonging to this sector. This is followed by manufacturing and automotive organizations out of which 23 per cent believe that they are compliant with GDPR," the survey said.
The survey also tried to find out the challenges companies are facing in their GDPR compliance journey and found that getting adequate skilled resources and time from existing resources, is a major roadblock in this journey. More than 60 per cent of the organizations sighted these as the biggest challenge in performing GDPR compliance activities. Lack of relevant tools, no training and understanding of GDPR compliance and no internal support from leadership and other departments -- were some of the other reasons which were cited.
However, most companies are planning to increase their budget, realising the need for privacy and an astonishing 70 per cent organizations, having more than 5,000 employees, are planning to increase their privacy budget in the coming year, the survey said.
Also, over 85 per cent of organizations have increased their budget the in previous year and want to further enhance it in 2018. The organizations covered in the survey were spread across IT and ITes, healthcare, pharmaceuticals, automotive, media and entertainment, banking and financial services; and the research was conducted between April-May 2018.