Only Six Percent Of Enterprises Prepared For Impending EU Data Privacy And Security Regulations
The European Union’s (EU) General Data Protection Regulation (GDPR), which standardizes transparency laws governing how companies collect and store EU citizens’ personal data, goes into effect on May 25, and research from erwin, Inc. shows that only six percent of businesses are prepared for the regulations. The data modeling company’s 2018 State of Data Governance Report found broad awareness of and focus on data governance issues, but also found challenges in terms of understanding, executive support and financing. PPB magazine addressed the GDPR and implications for industry businesses in a comprehensive January 2018 feature.
Research by erwin found that 98 percent of respondents view data governance as either important or very important from a business perspective; however, 46 percent don’t have a formal governance strategy in place. More than one in five (21 percent) are just getting started, which erwin described as the data discovery and inventory phase, and 63 percent either don’t have a budget for data governance or don’t know if they have one.
“The results of the State of Data Governance Report are validating but also a bit shocking,” says Mariann McDonagh, CMO for erwin. “The fact that 94 percent of organizations are not prepared for what is arguably one of the most important data privacy and security regulations in recent years—with fines up to four percent of their global revenues—is stunning. However, on the flip side, organizations are now finally recognizing that governing data assets goes well beyond risk management and compliance. To fully realize the value of its data, an organization needs the ability to discover, understand, govern and socialize data assets beyond IT’s shadow. To mitigate risks and realize the desired business results, data stakeholders across the enterprise must be empowered to act as data citizens, and that includes IT and the business funding an ongoing process.”
Asked to identity the top three drivers of data governance initiatives, 60 percent of respondents say their biggest driver is the need to comply with regulatory mandates. However, compliance is not the only driver, with 49 percent seeing data governance as a way to improve customer satisfaction and 45 percent using it to support better decision-making. Reputation management and analytics are two other relatively big drivers at 30 percent and 27 percent, respectively. Big Data is another important factor driving data governance, with 22 percent of the responding organizations claiming to have more than 10 petabytes of data under management. One fifth of respondents say Big Data is one of the top reasons for implementing a data governance program.
At 57 percent of organizations, both IT and the business are responsible for data governance while at 34 percent, IT is solely in charge. The IT department has funded data governance expenses at 40 percent of the companies surveyed. The budget for data governance comes from the audit and compliance function at 20 percent of organizations, while the business covers the bill at 8 percent of the companies surveyed.
“The survey presents a cautionary tale about what enterprises need to do in 2018 to move their data governance agendas forward,” adds McDonagh. “It shows that while the business is beginning to realize the potential of data governance, it is not entirely clear on how to justify the budget or how to move the ball forward. We suggest starting with clear goals about what you want your program to achieve, building a budget to justify it like any other business initiative, educating and involving all data stakeholders, and absolutely getting ready to meet the requirements for GDPR.”
erwin’s study, conducted on its behalf by UBM, surveyed North American business technology professionals representing more than 16 sectors, including financial services, government, healthcare, IT and telecommunications, about their attitudes toward data governance. Among the 118 respondents were CIOs, CTOs, data center managers, IT staff and consultants.
The 2018 State of Data Governance Report can be downloaded here.