In our prior blog posts in this series, we reported on our survey of 600 US, UK and other EU respondents that:
- 68% of the respondents have spent more than six figures already on GDPR compliance and that 67% expect to spend an additional six figures by the end of 2018 (July 13th blog)
- the top reason for becoming GDPR compliant was to meet customer expectations (July 16th blog)
- companies were most compliant with customer-facing GDPR issues such as cookie consent management and 87% of the respondents needed 3rd party help (July 19th blog)
Despite the large GDPR compliance budgets and challenges faced in becoming compliant, most respondents feel the journey was worth it. 65% of respondents view GDPR as having a positive impact on their business and only 15% view the GDPR as having a negative impact on their business. Companies with over 10,000 employees were the least likely to view the GDPR as having a positive impact on their business, but even for those companies 51% had a positive view of the GDPR.
Also, even though the May 25th GDPR compliance deadline has passed, 87% of respondents felt that privacy would become more important for their companies and 47% felt that it would become significantly more important.
In line with the companies’ positive feelings about the impact of the GDPR on their businesses and their intention to treat privacy as even more important after the passing of the May 25th deadline, 50% of the respondents intend to seek a 3rd party validation of their GDPR compliance in advance of the issuance of the official GDPR certification.
Summing up our four blog posts on our GDPR compliance status research report, we can conclude that although becoming GDPR compliant has been expensive and challenging due to the complexity of the regulation, companies have relied on significant 3rd party help and technology tools and almost all of the companies will be compliant by the end of 2018. The companies have been motivated by the desire to meet company expectations and support their company values more than by a fear of fines and lawsuits and have focused first on customer-facing issues such as cookie consent management. They mostly feel that the GDPR will have a positive impact on their businesses and half of them will seek a 3rd party GDPR validation rather than wait for the issuance of the official GDPR certification. The companies also overwhelmingly believed that privacy will be even more important for their companies in the future, which indicates that GDPR compliance is just the beginning of their privacy journey, rather than the conclusion.