Centre for Information Policy Leadership
  • Home
  • About
    • CIPL Principals
    • Quarterly Reports
  • Membership
  • Events
    • Past Events
  • Projects
    • AI Project
    • Brazil AI Project
    • Organizational Accountability
    • Protecting Children's Data Privacy >
      • Policy Paper I: International Issues & Compliance Challenges
    • EU GDPR Implementation >
      • Global Readiness Benchmarks for GDPR
    • Enabling Data Driven Innovation and Big Data >
      • Privacy Risk Management
      • Transparency and User Controls
      • Updating Core Privacy Principles
    • Role of the DPO
    • Enabling Global Data Flows
    • Regional Focus and Outreach >
      • Effective LGPD
  • Resources
    • CIPL White Papers
    • Public Consultations
    • CIPL Articles
    • Hunton Andrews Kurth Privacy & Information Security Law Blog
  • CIPL Blog
  • Media
  • Contact Us
  • Home
  • About
    • CIPL Principals
    • Quarterly Reports
  • Membership
  • Events
    • Past Events
  • Projects
    • AI Project
    • Brazil AI Project
    • Organizational Accountability
    • Protecting Children's Data Privacy >
      • Policy Paper I: International Issues & Compliance Challenges
    • EU GDPR Implementation >
      • Global Readiness Benchmarks for GDPR
    • Enabling Data Driven Innovation and Big Data >
      • Privacy Risk Management
      • Transparency and User Controls
      • Updating Core Privacy Principles
    • Role of the DPO
    • Enabling Global Data Flows
    • Regional Focus and Outreach >
      • Effective LGPD
  • Resources
    • CIPL White Papers
    • Public Consultations
    • CIPL Articles
    • Hunton Andrews Kurth Privacy & Information Security Law Blog
  • CIPL Blog
  • Media
  • Contact Us

CIPL & AvePoint
​2nd GDPR Organisational Readiness Survey Report

On March 26, 2018, the Centre for Information Policy Leadership at Hunton Andrews Kurth LLP and AvePoint released its second Global GDPR Readiness Report (the “Report”), detailing the results of a joint global survey launched in July 2017 concerning organizational preparedness for implementing the EU General Data Protection Regulation (“GDPR”). The Report tracks the GDPR implementation efforts of over 235 multinational organizations, and builds on the findings of the first Global GDPR Readiness Report by providing insights on key changes in readiness levels from 2016 to 2017.

Key highlights of the report include:
​
  • Over half of all respondents have committed additional budget to GDPR implementation, with increases ranging from hundreds of thousands of dollars to upwards of $50 million.
  • While technology tools and software are the number one priority for GDPR-focused budget spending, continued reliance on manual methods for building and maintaining data processing inventories, as well as low usage rates of automated software to identify and tag data, indicate that much work is still to be done to assess and procure these solutions.
  • Almost a quarter of organizations have not yet implemented any processes to update their controller-processor contracts or review or renegotiate existing agreements. Organizations will have to closely look at their contracts ahead of May 25, 2018, to ensure they include the new required terms introduced by the GDPR.
  • Despite little information being available on new GDPR transfer mechanisms such as adequate safeguards or certifications, for the second year in a row, respondents indicated that they are likely to use these mechanisms, with almost one-fifth of organizations reporting they will rely on the latter post-GDPR.
  • With regard to security, the majority of organizations have put internal reporting procedures and incident response plans in place. However, organizations still have some work to do in implementing other data breach response procedures, such as conducting dry runs and retaining PR and media consultants.
  • Legitimate interest remains the area most in need of clarity under the GDPR, followed by data protection impact assessments and risk, breach notification, notice and consent, and privacy by design.

To read more about these highlights and other insights of the study, please view the full report.

CIPL & AvePoint 1st GDPR Readiness Survey Report

To read more about these highlights and other insights of the study, please view the full report.
Picture
Picture
Picture
Copyright © 2022 by the Centre for Information Policy Leadership at Hunton Andrews Kurth LLP.
Disclaimer | Privacy Policy | Cookies Policy | Contact
Picture
Picture