can be costly and often feels more like red tape and a barrier to business than anything that provides a benefit. A report by EY and the International Association of Privacy Professionals (IAPP) estimates that organizations have spent an average of $3 million to achieve compliance with the European Union’s General Data Protection Regulation (GDPR), a sweeping piece of legislation that affects any organization that stores or processes data on European Union (EU) citizens.

Aside from reducing the chance of large fines from the likes of the Information Commissioner’s Office (ICO) or the Commission nationale de l’informatique et des libertés (CNIL), what are the quantifiable business outcomes that compliance provides?

Achieving GDPR compliance may have some quantifiable benefits in reducing the likelihood and impact of data breaches. Proper data mapping, greater organization of data, encryption, and a general reduction in data that’s being collected can all help a company reduce some of its risk.

According to s 2019 Data Privacy Benchmark Study, organizations with mature privacy functions were more likely to know where their personally identifiable information (PII) is located (and how it is used) and to have a catalogue of their data assets. “Achieving operational efficiency from having data organized and catalogued” and “mitigating losses from data breaches” were listed as two of the six benefits of GDPR-related privacy investments given by the report’s respondents.

Fifty-nine percent of the 3,200 professionals surveyed from 18 countries across all major industries and geographic regions defined themselves as GDPR-ready (meeting most or all GDPR requirements). Those GDPR-ready companies are reportedly less likely to have experienced a breach in the last year, and those that did suffer breaches lost fewer records and therefore saw smaller incident costs.
