At last it seems companies have woken up to the biggest overhaul of data protection laws in a generation following new research which shows that, with just over 7 months to go, an overwhelming majority (85%) of businesses now have a plan in place to be compliant with GDPR.
While this also means that 15% of businesses still have no plan in place – a fact that the DMA, which carried out the survey, calls “concerning”, the majority of marketers surveyed believe their organisations are on track (56%) or ahead (4%) in their plans to be compliant by May 25 2018.
Even so, a further 17% have fallen behind their current plans – up from 11% in May 2017 – but at least they have a plan.
The latest edition of the DMA research, now running since June 2016, shows how awareness and preparedness has risen. Eight in 10 marketers (77%) now rate their awareness as ‘good’, while 74% described themselves as feeling somewhat or extremely prepared for the changes.
However, when asked about the preparedness of their organisation, this figure dropped to just 58% believing their business was ready for the changes. This is despite 85% of businesses having implemented their plans for GDPR, which is more than ever before.
DMA Group chief executive Chris Combemale said: “GDPR is a watershed moment for organisations to make data protection a core brand value, placing respect for privacy at the heart of their brand proposition. We should use the new laws as a catalyst to transform the way we speak to customers, making every engagement human-centric. This will enable organisations to build trusted, authentic and transparent relationships with their customers.”
However, as the clock ticks down, fears are growing about the effect it will have on their business; two-fifths (42%) now feel their firm will be “very affected” by the new laws, and a further fifth (22%) feel “extremely affected”.
Moreover, nearly two-thirds (65%) of those surveyed agree that GDPR will be a hindrance to their marketing. Despite this, marketers also clearly understand the value the GDPR will bring to their customer offering, with 39% agreeing that the changes will improve their ability to meet customers’ needs.
Key concerns for organisations are consent (28%) and legacy data (18%), while priorities remain updating privacy policies (15%), integrating compliance systems (12%), auditing current state (12%) and data management breach processes (11%).
Combemale continued: “As an industry, we must always keep in mind the customers’ right to privacy. It’s important that businesses put the principles of accountability, transparency and trust at their core. Allowing them to go beyond simply being the right side of the law and actually build a sustainable long-term relationship with customers about their data.”
With Brexit also looming, marketers were asked how they thought the future of data protection should pan out. Some 39% say they would like GDPR to be relaxed, despite the introduction of the UK Data Protection Bill on the September 13. Even so, three quarters (76%) want to retain free data flows across Europe (the “digital single market”), which will necessitate aligning our data laws with those of Europe.
New for this edition, marketers were also asked about their awareness and key concerns about the upcoming ePrivacy Regulation reforms, with 3 in 10 (28%) reporting no awareness at all. The most common concerns about potential changes are an opt-in for B2B marketing (31%), consent requirement for cookies (26%) and an opt-in for all telemarketing (25%).
Brace yourselves for the GDPR data ambulance chasers
ICO set to launch dedicated GDPR hotline for SMEs
New industry body to tackle threat to outbound calling
70% of customers plan to demand to see their data
Privacy chief Denham hits out at GDPR scaremongering
Firms face bombardment of data requests under GDPR
Half of all firms still not compliant with 1998 data laws
ICO stands firm on ‘over strict’ GDPR consent guidance
GDPR fears mount over delay to ICO consent guidance
Third-party data crackdown will wreak havoc says DMA
DPN joins calls for more urgency over GDPR guidance