63% of Indian organizations struggling with their GDPR compliance journey
While India gears up to embrace a new era in data privacy and protection, most organizations continue to struggle in complying with General Data Protection Regulation (GDPR) which came into effect on 25th May, 2018. A study released by EY titled “General Data Protection Regulation (GDPR): The paradigm shift in privacy” assesses the state of GDPR compliance across India Inc. based on the survey responses of close to 80 respondents. The results highlight the advantages of early adoption, setbacks of non-compliance and the challenges faced by organizations in their GDPR compliance journey, thus far.
The report reveals that 22% of the organizations increased their privacy budgets between 5% and 15% in the past 12 months whereas 25% more are planning to increase their budget in the same 5%-15% range over the next 12 months. It further highlights that there is a pressing need within organizations to have dedicated and skilled resources for data privacy and compliance, the lack of which has been cited as the biggest challenge by over 60% of the respondents in ensuring GDPR compliance.
76% of the organizations recognize the need to comply with their own information governance policies as the leading factor in their GDPR compliance journey whereas 63% of those who are familiar with the requirements and impact of GDPR, continue to lag behind in compliance. This indicates that there is a strong need for businesses to design and implement robust governance structures, as well as appoint or train their Data Privacy Officer (DPO) to set them up for success in their new roles.
Guru Malladi, Advisory Markets Leader, EY said, “The implementation of EU’s GDPR has further propelled an organization’s journey towards safeguarding data and building the right security infrastructure for its customers and stakeholders alike. It is critical for businesses to review their current data protection compliance programs and determine next steps to anticipate the level of investments they need to make over the next few years to accelerate their journey. However, while working towards compliance, organizations must also view it as an opportunity to gain competitive advantage and also recognize its impact on customers.”
With a large number of organizations providing goods or services, or monitoring behavior of consumers in EU, Indian organizations have also initiated their GDPR journey to ensure compliance. However, over 60% of them are grappling with inadequate skilled talent which continues to be a major obstacle in their GDPR compliance journey. With India having moved one step closer to its first data privacy law following the draft data privacy bill proposed by the Srikrishna Committee, 50% of the survey respondents confirmed their plans to increase their organization’s privacy budget in the coming year. This could be viewed as a ground breaking step for the nation that has already come a long way with the convergence of Digital India.
The EY survey is based on the responses received from nearly 80 Indian C-suite executives/CIOs/CXOs from various sectors including IT/ITes, Healthcare, Pharmaceuticals, Automotive, Media and Entertainment, Banking and Financial services.
