This blog series will cover the results of a new privacy survey conducted in May of 2017 as part of the closing session at the TrustArc Privacy Risk Summit, held at the Bespoke Conference Center in San Francisco June 6, 2017. The survey, conducted by Dimensional Research on behalf of TrustArc, focused on the status of U.S. private sector efforts to meet privacy mandates in general and in particular to meet the May 25, 2018 deadline for the EU General Data Privacy Regulation (GDPR).
The results will be shared in a three-part blog post series:
- Part 1: General Privacy Market Results
- Part 2: GDPR Compliance Results
- Part 3: Program Implementation Results
Part 1: General Privacy Market Results
The online survey was fielded to 204 privacy professionals at a target group of small (500 to 1,000 employees), mid-size (1,000 to 5,000 employees) and large (over 5,000 employees) companies that were subject to the GDPR, in a varied mix of industries.
98% of respondents felt that the complexity of managing privacy is increasing. 56% felt managing privacy is becoming significantly more complex.
The primary privacy ownership is limited to a few groups. In smaller companies, the legal department primarily handles ownership of privacy issues. In larger companies, compliance tends to increase ownership of privacy.
The majority of companies report the need for technology to manage privacy is increasing, with 51% saying the needs it becoming significantly greater.
Currently, most companies (66%) are using Governance, Risk, and Compliance (GRC) software, but a wide range of other options including specialized privacy software solutions (37%) are also popular.
Privacy budgets are also increasing for 97% of companies, with 47% saying their budgets are becoming significantly larger.
In Part 2 of this series we will reveal the GDPR Compliance results. To read the full results now, download a copy of the TrustArc “Privacy and the EU GDPR” research report, click here.