IT staff not up to speed on EU Data Protection Regulation
- 13 November, 2014 19:09
Up to a half of IT European staff admit they're not ready for the EU's ground-breaking General Data Protection Regulation (GDPR), and more than that number aren't even sure what the term 'GDPR' stands for, a survey of European professionals by network management firm Ipswitch has suggested.
The survey only questioned 306 IT decision makers (104 from the UK and the rest from German and France), but the results are probably a fair indication of preparedness for what will be the EU's most important ever privacy regulation, due to be implemented in its final form sometime between late 2014 and 2016.
Only 13 percent rated furthering their understanding as a priority for 2015 among a clutch of other worries.
Given the vagueness of some of the timetables and the complexity of the consultation process, it is no surprise that few had much idea about its implementation timetable, with 64 percent saying they had no idea, and barely one in ten suggesting the end of this year.
German professionals seemed to be the best informed, British ones the least, with few having yet assessed whether external providers such as their cloud services will be able to meet the Regulation's demands on security and sovereignty.
"GDPR includes an obligation to protect personal data across the borderless enterprise. IT Professionals should review and bolster their data processing policies and practices now, before the regulation comes into effect," said Ipswitch vice president of sales, Alessandro Porro.
Time is running short. The Regulation is already exerting a strong gravity on the development of data privacy principles in the EU and beyond, with the 'right to be forgotten' principle passed by the Parliament earlier this year a warning shot of the Regulation's potential demands.
The general lack of awareness uncovered in the survey suggests that the bedding-in period will take longer than some assume. If it's as bad as Ipswitch's survey suggests, Education might end up coming in the form of warning prosecutions.
In a separate development, Google is championing a harmonisation of data privacy principles across the EU and US in the light of the Snowden revelations