A whopping 99 percent of companies said they are seriously working on compliance with the European Union law, which goes into effect May 25. (Image: Shutterstock)

With 30 days to go, nearly half of companies in a recent survey reported they have completed more than 75 percent of the work to become compliant with the looming General Data Protection Regulation.

And a whopping 99 percent said they are seriously working on compliance with the European Union law, which goes into effect May 25 for anyone doing business in the EU or with an EU resident.

Netsparker, a London-based company specializing in web application security, commissioned the survey of 302 CEOs and other C-suite executives at U.S. companies. Netsparker CEO Ferruh Mavituna was not available for comment.

The report, released earlier this month, said the health care and finance industries showed the “most resistance” to GDPR with the lowest levels of compliance work completed. Some 7 percent of health care companies said they are unlikely to be fully compliant by the deadline, while 3 percent of financial services companies reported they haven't even begun the process yet.

Still, the report's numbers show an increased awareness of the new law from a month ago, when an EY survey found that nearly two-thirds of 745 global executives were either studying GDPR while taking no action yet, or hadn't even heard of it.

Likewise, an FTI Consulting Inc. survey of 30 in-house counsel at Fortune 1000 corporations found some respondents were “revving up to meet the changed standards as soon as possible, while others are waiting to see how the rules will be enforced before making any major, costly overhauls in data storage.”

The Netsparker survey found that over half the respondents were recruiting new team members to specifically handle GDPR compliance, and just under half were re-engineering existing internal security teams in an effort to save on costs.

Some 63 percent of the respondents said they have a data privacy officer, a new post required at most companies under the new law, while 28 percent said they were planning to hire one.

Compliance comes at a cost. About two-thirds of the respondents said they will spend between $50,000 and $100,000 to meet GDPR requirements. Another quarter of them said they'll dish out between $100,000 and $1 million. And 10 percent of respondents said compliance with GDPR will cost them over $1 million.

Most respondents (53 percent) said they expect the technology industry to be most affected by GDPR, followed by online retailers at 45 percent, software companies at 44 percent, and financial services at 37 percent.

Complete your profile to continue reading and get FREE access to BenefitsPRO, part of your ALM digital membership.

Your access to unlimited BenefitsPRO content isn’t changing.
Once you are an ALM digital member, you’ll receive:

  • Breaking benefits news and analysis, on-site and via our newsletters and custom alerts
  • Educational webcasts, white papers, and ebooks from industry thought leaders
  • Critical converage of the property casualty insurance and financial advisory markets on our other ALM sites, PropertyCasualty360 and ThinkAdvisor
NOT FOR REPRINT

© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.

Sue Reisinger

Senior reporter at ALM since 2004; based in Florida; covers general counsel and white collar crime; contact: [email protected]