GDPR one year on: data reveals business-growth benefits for GDPR-ready firms
🕒 4 min read
✏️ HAZEL BURTON
When GDPR came into being on 25 May 2018, well over a third of companies globally were not ready for the EU data privacy regulation, according to the latest research from Cisco.
The Cisco Threat Report finds that 59% of organisations said they were able to meet their data protection obligations come implementation day, leaving 41% still working towards regulatory compliance. Of these, 29% said they would be ready in under a year, nine per cent said they would be ready in over a year and three per cent said GDPR did not apply to them.
Who was ready for GDPR?
In terms of which regions were the most ready, Europe hosts the country with the highest level of readiness, with Spain citing 76% of organisations ready for GDPR in time for 25 May 2018. This is followed by Italy at 72%. At the other end of the scale in Europe, Russia had the lowest number of firms citing readiness at 46%, followed closely by Turkey at 47%.
Across the Atlantic, the US and Canada came in at 57% and 60% respectively, while Mexico led the charge in Latin America at 73% readiness.
Asia, meanwhile, sees China at 42% readiness, Japan at 45% and India on top at 65%.
An unexpected GDPR benefit
While 41% of firms continue their push for readiness, those firms that were ready in time for implementation have found that being GDPR-ready has brought some unexpected and welcome benefits to their operations and business-growth efforts.
The research highlights that benefits include operational gains such as shorter sales delays and reduced number of records impacted after a data breach. For small business in particular, the increased agility that comes from this means greater flexibility of resources and increased returns for your business as it grows.
In terms of shorter sales delays, the research finds that while 87% of organisations report having sales delays due to customer privacy concerns, those that were GDPR-ready on 25 May 2018 experienced delays of 3.4 weeks, versus those that were the least GDPR-ready, who cited a 5.4-week delay. This two-week advantage offers obvious opportunity for enhanced agility and business growth, which for small business means a faster path to not only being more secure, but also shorter sales cycles and, therefore, increased profitability.
Also of note, GDPR-ready firms experience fewer and less-costly breaches. According to the research, of the firms that experienced a data breach post-GDPR implementation day, the least GDPR-ready firms had 212,000 records impacted. This figure sees a massive drop to 79,000 records impacted at GDPR-ready firms.
System downtime is also affected by GDPR, dropping by almost a third from 9.4 hours at the least GDPR-ready firms to 6.4 hours at GDPR-ready firms.
What does this mean for small business? For those that are GDPR-ready, the benefits go far beyond the expected outcomes of increased security and protection of customer data. The time saved from reduced system downtime can be spent elsewhere in the business, meaning increased agility and innovation, which 42% of GDPR-ready firms report experiencing.
Elsewhere, organisations reported increased competitive advantage and investor appeal, both of which offer clear pathways to business growth. Along with this, improved operational efficiency was reported by GDPR-ready firms. In total, a whopping 97% of GDPR-ready firms are seeing one or more of these unexpected benefits.
Clear business advantages
It’s clear now that GDPR means so much more to small business than just being a regulatory framework for data security. It serves as an important foundation on which to build operational efficiency by reducing downtime and breach-associated costs, while increasing key business-growth areas, such as innovation and competitive advantage.
For small business this means greater agility, accelerated business growth and, ultimately, increased profitability.
There is so much more to GDPR than meets the eye!