Majority of Workers Still Concerned About Data Protection on First Anniversary of GDPR, According to New Survey

This mixed response around the impact of GDPR likely reflects the complexity of educating the public on data regulations, as well as the difficulty that organizations still face in complying with the law.

According to the survey, 57% of global workers noticed stricter policies at work regarding the use of technology or customer data as a result of GDPR. Enforcement appears to have had the biggest impact in Europe, where 70% of respondents reported stricter policies, and at medium-sized businesses with 100 to 1,000 employees, where 65% of workers noticed policy changes. Additional findings include:

• A majority of global respondents (74%) noted an increase in pop-ups or opt-ins requesting consent regarding the use of personal information
• Of those that saw an increase in pop-ups or opt-ins, 19% believe these consent requests negatively impact their productivity and 32% are increasingly annoyed by them
• Nearly half of respondents (49%) said that they either have seen an increase or no change in the amount of spam they receive
• 74% of respondents also believe that the technology industry still needs more regulations
• Sentiment on the current state of regulation is mixed, with 24% reporting that they feel vulnerable and 19% saying they are worried but 29% noting they were hopeful

“One year since the introduction of GDPR, the regulation has started a global dialogue around how customer data is cared for and, if nothing else, has helped strengthen best practices to ensure data protection,” said Alastair Pooley, Chief Information Officer at Snow. “Whilst workers themselves may not directly feel this impact yet, the increase in data breach notifications being reported to the UK’s Information Commissioner’s Office is noteworthy, as it suggests that transparency was seriously lacking prior to enforcement. There is still a lot to do, but it is clear that considerable steps have been made by organizations worldwide to ensure there are enhanced data protection efforts and improved transparency globally. The question that remains to be seen is whether the regulation and the controls implemented in its name will be strong enough to stand up to the rising tide of threats we face in the years ahead.”

As a part of a larger governance and risk strategy, many organizations have made achieving or maintaining GDPR compliance a critical priority for their IT organizations. In an effort to help customers build the foundation of GDPR compliance, Snow recently added a new analytics overlay into its Governance & Risk product, which finds and identifies applications that store or process personal data. This insight helps to minimize the exposure of devices with access to personal data, highlight applications that are facing end of life or end of support and provide information for mandatory compliance steps such as the creation of a Record of Processing Activity. Through a scored risk metric, Snow calculates an organization’s potential GDPR risk and advises actionable next steps to manage or mitigate accordingly.

For more information on Snow’s GDPR solution, please visit: https://www.snowsoftware.com/int/products/snow-governance-risk.