According to new research from global research agency Gartner, more than 50% of organisations that will be affected by the forthcoming European Union General Data Protection Regulations won’t be fully compliant by the end of 2018.
With the new GDPR going live on 25 May 2018, organisations that are not compliant by this date will face hefty fines that can be up to €20m – or four per cent of turnover. Talking about the research, Bart Willemsen, the research director at Gartner said:
“Threats of hefty fines, as well as the increasingly empowered position of individual data subjects tilt the business case for compliance and should cause decision makers to re-evaluate measures to safely process personal data.”
One company that will be ready for the implementation of the new General Data Protection Regulations in May 2018 is Google. At the GCP Next 2017, the Google Cloud Provider’s event in London, senior vice president of Google Cloud, Diane Greene said that when GDPR is implemented in May 2018, the search company’s Google Cloud Platform (GCP) will be fully ready and compliant.
“Perhaps the most impactful privacy regulation over the last 20 years is the GDPR, which is going to go into effect in the EU in may 2018 and Google is committed to having full support for that by May 2018; we will put that in your contracts that we’re committed to that. It is an indication of how carefully we are supporting on this.”
Google have reiterated this in a blog written by Suzanne Frey, Google Cloud’s director of security, trust and privacy and Marc Crandall, director of data protection and compliance.
“Our users can count on the fact that Google is committed to GDPR compliance across G Suite and Google Cloud Platform (GCP) services when the GDPR takes effect on May 25, 2018. We’ll make important updates to contractual commitments that directly address GDPR requirements. We’re also a committed partner in customers’ GDPR compliance efforts. Users can leverage Google Cloud services with confidence understanding the robust data protection capabilities built-in to Google Cloud.”
Much of the compliance will be achieved thanks to Google’s partnership with SAP. Together they will be working on integrating their services with Google essentially piggybacking on SAP’s established presence in the European Union to help enhance its cloud and datacenter footprint on the continent.
Whilst some people have said that to say organisations will be fined heavily if not compliant with GDPR by May 2018 is ‘scaremongering’, this is not the message that is being given out by some of the data commissioners that will oversee each individual country’s GDPR. Just this week at the Data Sec 2017 event, Helen Dixon, the Irish Data Commissioner said:
“…it’s absolutely the case that we will be imposing fines against big and small entities based on the issues that come across our desk and the areas of risk we identify. There’s nothing surer than this.”