A recent study revealed that the introduction of the European Union’s General Data Protection Regulation has resulted in a significant decrease in data leaks and thefts.
The study dubbed Data Privacy Benchmark Study from networking company Cisco Systems stated that nearly three-quarter of GDPR-ready companies suffered fewer data breaches in the last year than organizations that have not been GDPR compliant.
The survey report, which is prepared based on data from more than 3,200 security professionals in 18 countries and across all major industries worldwide, also found that approximately 60 percent of companies have met most of the GDPR requirements, with nearly 30 percent more expected to do so within a year.
Country wise, the research stated the level of GDPR-readiness increased from 42 percent to 76 percent, stating that the European countries (Spain, Italy, UK, France, and Germany) were on the higher end of the range. Data security, internal training, evolving regulations, and Privacy by Design requirements were the major challenges faced by organizations while getting ready for GDPR, the research stated.
“These results highlight that privacy investment has created business value far beyond compliance and has become an important competitive advantage for many companies. Organizations should, therefore, work to understand the implications of their privacy investments, including reducing delays in their sales cycle and lowering the risk and costs associated with data breaches as well as other potential benefits like agility/innovation, competitive advantage and operational efficiency.” the report stated.
The EU’s GDPR became enforceable on May 25, 2018, and privacy laws and regulations around the globe. The regulation aims to harmonize the fragmented data privacy framework across the European Economic Area (EEA), and ensure that fundamental rights are protected in the digital economy.
Recently, Search engine giant Google fined for 50 million euros (around $57 million) by the French data regulator CNIL (National Data Protection Commission) for violating the General Data Protection Regulation. The data protection watchdog stated it had levied the fine for Google’s lack of transparency and valid agreement regarding ads personalization. The regulator also said that Google didn’t sufficiently inform the people about how it collected the users’ data to personalize ads.