BDO USA polled 145 U.S. corporate directors on public company boards in August 2018 about GDPR and their data protection efforts. The survey results show 80% of companies have already taken action to make sure they are in compliance with E.U. data protection laws.
The compliance measures implemented by companies include performing a gap analysis to identify risks and updating company privacy policies. Additionally, 33% of survey participants said their organization has increased the budget for data privacy protection and have appointed a data protection officer. These steps are the minimum requirements for U.S. companies doing business in the European Union to ensure compliance with the new General Data Protection Regulation (GDPR), which came into effect on May 25, 2018.
Companies can be fined as much as €20m or 4% of yearly global revenue for noncompliance with the GDPR, whichever amount is greater. The threat of major financial penalties means American companies need to deal with their GDPR shortcomings without delay.
According to Amy Rojik, BDO USA’s National Assurance Partner for Communications and Governance, the BDO’s 2018 Cyber Governance Survey clearly shows that public company board directors recognize the competitive merits of taking on a digital improvement strategy and addressing vulnerabilities related to cyber risk. Creating a strategic route for a company’s digital transformation, making necessary funds available, and having the board supervise cybersecurity and data privacy are now essential if an organization is to succeed and thrive in this period of intense transformation.
Jeff Ward, BDO USA’s Third-Party Attestation National Managing Partner said that it is clear that companies are preparing to be monitored more closely by data protection bodies in the future. He mentioned that many public company clients foresee greater regulatory action over breach disclosures, and are using the SOC reporting framework as a benchmark.
If you want further information on the BDO 2018 Cyber Governance Survey you can view it here.