Majority of largest UK and US companies unprepared for GDPR

Over half of firms listed in the FTSE 350 and Fortune 500 are not preparing themselves in time for imminent General Data Protection Regulation (GDPR).


Wednesday 3

Majority of largest UK and US companies unprepared for GDPR

That is according to new research by law firm Paul Hastings, which reveals only 43% are setting up an internal GDPR taskforce, while just one-third are hiring a third-party to conduct a regulation gap analysis or give advice.


This is despite 94% of FTSE firms believing they are on track to implement GDPR, with the number rising to 98% among Fortune companies – suggesting they are significantly underestimating the technicalities of compliance.


“The confidence among major corporations seems mismatched with reports of their implementation efforts,” Paul Hastings global co-chair of privacy and cybersecurity practice, Behnam Dayanim, said.


“Achieving GDPR compliance is an enormous task – one that in our experience, almost inevitably requires dedicated resources and budget.”


The regulation comes into force in May this year, and is designed to harmonise data privacy laws across Europe, giving extra protection to citizens’ data privacy, and applies to all firms that do business inside the EU.


Breaches can hit institutions with fines of up to 2% of their previous year’s global annual revenues for a first offence, and 4% for repeat offences, while criminal penalties are also possible.


The Paul Hastings research involved a survey of 100 general counsel or chief security officers from FTSE 350 companies, and 100 from Fortune 500 firms, in July 2017.


Despite being one of the crucial requirements for “business involved in the large scale monitoring of individuals”, it was found that just 29% of FTSE firms have hired a data privacy officer or additional privacy staff.


This number is even lower among the Fortune companies, while it was also found that just 10% of UK firms have an allocated budget for GDPR compliance.


“With so few companies undertaking key compliance measures to date, it will be a race to the finish line for those needing to meet the terms of this wide-reaching regulation,” Dayanim continued.


“This unfortunately seems to be setting up a scenario for multiple investigations and enforcement activities once the implementation date arrives.”


Most popular

  1. Two-fold increase in InsurTech-based premiums predicted by 2023


    InsurTech is expected to help generate over $400bn (£312bn) worth of premiums worldwide by 2023, more than double the estimated $187bn today.

    Tuesday 21

    21 August 2018

  2. CEOs to look to data scientists for growth

    CEOS from across the world believe that data scientists will be their most important workers in the search for future growth, a new global survey has found.


    Monday 13

    13 August 2018

  3. Two-fold increase in cyber security fears

    IT professionals worldwide are more than twice as worried about data breaches and cyber attacks today than they were this time last year, a new survey has found.


    Monday 30

    30 July 2018

White paper

  • Quarterly InsurTech Briefing Q1 2017

    Why InsurTech? A Pressured Insurance Value Chain

    By Andrew Sagon, Andrew Johnston and Matthew Wong

    InsurTech is a burgeoning phenomenon that is modernising the insurance industry. It is disrupting the traditional value chain whereby insurers offer loss protection, and shifting the emphasis to risk mitigation. Incumbents face disintermediation as investors in search of higher yields pour money into insurance-linked instruments in the capital markets. And entrepreneurial businesses are targeting friction costs and inefficiencies within every aspect of the traditional value chain.



  • Insurance big data – float like a butterfly, sting like a bee

    Nimbleness and agility will unlock potential

    By Elinor Friedman, Andrew Harley and Klayton Southwood

    Recent Willis Towers Watson surveys in the U.S. have shown that P&C and life insurers in developed markets are taking seriously the potential of big data and predictive analytics to improve their businesses. Nimbleness and agility, rather than brute force, are likely to be key to realizing that potential.

    Download PDF

  • The new era of insurance analytics

    Driven by technology, toolkits and talent

    By Claudine Modlin and Graham Wright

    Advanced analytics is helping some insurers offer innovative products and solutions. What do insurers need to know about the changing nature of analytics and whether it is worth the investment? Claudine Modlin and Graham Wright discuss technology, toolkits and talent — topics that may help you decide.

    Download PDF

  • How can we manage the dynamic nature of cyber-risk?

    Risk transfer is part of a comprehensive solution

    By Adeola Adele, Patrick Kulesa, Kevin Madigan and Alice Underwood

    Given the dynamic nature of cyber-risk, taking a multidimensional approach that integrates board governance, technology solutions, behavioral change and risk transfer solutions can help reduce risk to a manageable level.

    Whitepaper Form