Despite Impending Deadline, Most Organizations Remain Unprepared to Comply With GDPR

Poll finds 90 percent without necessary controls in place

Baker Tilly GDPR overview (Graphic: Business Wire)

CHICAGO--()--A flash poll conducted by Baker Tilly Virchow Krause, LLP (Baker Tilly) indicates 90 percent of organizations do not have the necessary controls in place to be compliant with the General Data Protection Regulation’s (GDPR) impending enforcement date, May 25, 2018.

“With recent significant data breaches, concerns around personal data access at Facebook/Cambridge Analytica and the coming enforcement date of GDPR, privacy concerns are heightened,” David Ross, partner with Baker Tilly’s cybersecurity and privacy practice, said. “Leading organizations need to implement proactive, risk-based monitoring and compliance measures as part of a comprehensive cybersecurity and privacy program.”

Significant GDPR noncompliance penalties
Enacted by the European Union (EU), the GDPR governs the collection, processing, use and storage of personal data originating in the EU. Organizations, including U.S. organizations, could face significant impacts, including fines of up to four percent of annual global revenue or €20 million (whichever is greater) and material and non-material damages such as financial loss and damage to reputation.

“Having well-documented privacy policies and procedures coupled with a documented privacy program overall demonstrates the organization is actively engaged in ensuring compliance in case of GDPR oversight review,” Mike Vanderbilt, director with Baker Tilly’s cybersecurity and privacy practice, said.

Baker Tilly recently held an educational webinar, “GDPR: Is your organization ready?” to help organizations understand the GDPR and prepare for the enforcement, ongoing monitoring and compliance.

The webinar presenters discussed:

  • Potential data pools and systems affected by GDPR
  • The impact of the data subject rights and other requirements defined by GDPR and how they apply to organizations
  • How an organization’s current cybersecurity and privacy programs can support its ability to address GDPR’s requirements

Presentation slides and a recording of the webinar are available at bakertilly.com/insights/gdpr-is-your-organization-ready. A GDPR overview infographic can be found at bakertilly.com/GDPR.

About Baker Tilly Virchow Krause, LLP (bakertilly.com)
Baker Tilly Virchow Krause, LLP (Baker Tilly) is a nationally recognized, full-service accounting and advisory firm whose specialized professionals connect with clients and their businesses through refreshing candor and clear industry insight. With approximately 2,700 employees across the United States, Baker Tilly is ranked as one of the 15 largest accounting and advisory firms in the country. Headquartered in Chicago, Baker Tilly is an independent member of Baker Tilly International, a worldwide network of independent accounting and business advisory firms in 147 territories, with 33,600 professionals. The combined worldwide revenue of independent member firms is $3.4 billion.

Contacts

Baker Tilly Virchow Krause, LLP
Patricia Buttery, 414-777-5479
patricia.buttery@bakertilly.com
or
Baker Tilly Media Relations
press@bakertilly.com

Release Summary

Baker Tilly poll indicates 90 percent of organizations do not have the necessary controls in place to be compliant with GDPR's enforcement date.

Contacts

Baker Tilly Virchow Krause, LLP
Patricia Buttery, 414-777-5479
patricia.buttery@bakertilly.com
or
Baker Tilly Media Relations
press@bakertilly.com