Remember all that panic last year when everyone thought the world was going to end because of the impending enforcement of GDPR? Well, the world didn't end, did it. But what has been the impact of the new regulations on businesses across the globe?
Deloitte wondered the same and so conducted some research to find out the effects and here are some of the things they found out.
1. Individuals know their rights and are not afraid to exercise them
Of the 1,650 individuals surveyed, 84% are aware of their opting out rights; 23% have opted out of some direct marketing already; 12% have requested complete erasure from an organisation and 1 in 10 have submitted a data access request.
2. Just 30% of organisations are responding to customer data requests within the required timeframe
1 in 10 may be requesting access to their customer data but organisations are being too slow to respond it seems. Deloitte's survey of 1,100 organisations found that customer data requests were being dealt with too slowly and outside the set one month timeframe, leaving them open to fines from their Data Protection Authority.
3. Customers still want to hear from you...if you're being relevant
Despite a significant opt-out rate, 60% of individuals are still happy to share their data in exchange for personalised benefits or discounts. The key takeaway here? Personalise and tailor your marketing and customers will still want to hear from you.
4. 44% of individuals believe organisations care more about their personal data now
But that means 56% still think organisations don't care…
5. Organisations are taking data protection more seriously despite customers beliefs
70% of organisations surveyed have seen an increase in staff that are partly or fully focused on GDPR compliance. And 92% believe that, if they are not compliant now, they will be fully compliant in the long-term. I just wonder what the 8% who won't be intend to do?
6. Don't assume non-EU countries aren't taking it seriously
You might be surprised to find out that India appears to have invested the most in technologies to support customer access requests and preference management, while German respondents suggested their organisations 'could do better'.
7. 2018 saw the rise of the DPO
87% of organisations now have a Data Protection Officer (DPO) in place, including 99% of Indian companies surveyed. Whilst having a DPO is not a requirement of the GDPR, this high take-up shows the seriousness with which organisations are taking the regulations.
8. We still don't read privacy notices
32% of us still don't read privacy notices and 42% of us are undecided as to whether they've become clearer in the wake of GDPR.
9. A data breach won’t necessarily be the end of your organisation
Only 17% of individuals said they would stop using an organisation if they had a data breach. That means 83% of us would still be happy to carry on using that organisation despite a breach. Good news for Marriott Hotels.
10. Data Protection Authorities are more likely to flex their enforcement muscles
DPAs have more enforcement powers under GDPR and 57% of organisations have received regulatory requests from their Supervisory Authority. The highest number of these received have been in India (73%) and the UK (62%).
Has GDPR had much impact on your organisation and customers? The Deloitte survey suggests it should have, but mostly in positive ways. Still a bit confused about GDPR? Find out more about how it affects you and your role as an accountant with accountingcpd's course 'GDPR: Implementation and Beyond'.
This blog was written by Becky Reid, Tattoo Ink Marketing.