The risk of losing benefits—including bonuses—for failure to comply with GDPR policies is a real possibility for employees at one in four organizations worldwide according to a study
A study from Veritas Technologies, a leader in multi-cloud data management, has found that the General Data Protection Regulation (GDPR) has the potential to drive major cultural changes in businesses worldwide. Nearly three in four respondents plan to incentivize employees to improve data hygiene and take accountability for data compliance.
According to The Veritas 2017 GDPR Report, 88 percent of organizations around the world plan to drive employee GDPR behavioral changes through training, rewards, penalties and contracts. Almost half (47 percent) of businesses will go so far as to add mandatory GDPR policy adherences into employment agreements.
Failure to adhere to contractual guidelines could have significant implications. Nearly half (41 percent) of respondents also plan to implement employee disciplinary procedures if GDPR policies are violated. A quarter of businesses (25 percent) would consider witholding benefits—including bonuses—from employees found to be non-compliant. At the same time, 34 percent say they will reward employees for complying with GDPR policies, as those employees are helping to promote proper data governance within their organizations, which can lead to better business outcomes.
GDPR Driving Cultural Changes
The report found that the vast majority of respondents (91 percent) admit that their organization does not currently hold a culture of good data governance or GDPR compliance. However, as indicated above, companies understand that training is critical to driving cultural changes within their organizations.
The majority (63 percent) of companies believe all employees must receive mandatory training on GDPR policies. However, respondents were also quick to identify the types of employees that should be trained: 86% believe the IT department must be prioritized, closely followed by business direction and strategy employees (85 percent), business development/sales/channel employees (84 percent), legal employees (82 percent) and finance employees (82 percent).
“Data is one of the most critical assets within an organization, yet many businesses are struggling to implement good data hygiene practices—and that often starts with employees,” said Mike Palmer, executive vice president and chief product officer, Veritas. “However, our research shows that businesses are getting serious about driving cultural change within their organizations.”
“As businesses consider deploying new processes and policies including training, rewards and updated contracts in support of GDPR compliance, more employees will understand the role they play in protecting their organization’s data. And, for employees that fail to take matters seriously, their bonuses and benefits may be negatively impacted.”
Business Benefits of GDPR Compliance
While avoiding stringent regulatory penalties and fines is clearly a driver for improving an organization’s compliance posture, many companies also see major business benefits that go well beyond avoiding such sanctions. The research shows that almost all businesses (95 percent) see substantial business benefits to achieving GDPR compliance, including better data management across the entire organization.
Specifically, organizations believe that once they have advanced their compliance standing, they are able to reap the following benefits:
- Improve data hygiene:92 percent of respondents believe that their organization will benefit from good data hygiene, which helps drive trust in the data and improve data quality, accuracy and policy enforcement
- Generate more insights:68 percent believe that they will gather stronger data insights about their businesses through GDPR compliance, which can play a key role in delivering better customer experiences
- Save money:68 percent think that their organization will save money
- Build brand reputation:59 percent believe that data compliance will also strengthen their reputation or relationships with their customers
- Protect data:51 percent of organizations believe they will be able to protect data more efficiently
- Increase revenues:45 percent expect to reduce costs, increase revenue or market share with better data management. One in five (22 percent) think it will ultimately help their organizations have more disposable cash, which can be used to invest in research and development (R&D) or to deploy additional resources to drive innovation
- Hire more people:A quarter (25 percent) say enhanced data compliance will allow the organization to employ more staff to provide better customer service
“The GDPR will take effect on May 25, 2018 and will apply to any organization—inside or outside the EU—that offers goods or services to EU residents, or monitors their behavior,” added Palmer. “Companies that adhere to compliance not only reduce their risks of fines, but have an opportunity to offer customers better experiences through proper data management, which can impact customer loyalty, revenues and brand reputation.”
“In only a matter of months, the deadline for GDPR compliance will be upon us: 25th May 2018,” said Johnny Karam, vice president emerging market. “As the deadline approaches, it is imperative that employees understand the importance of protecting company data to ensure that their business doesn’t face the extensive fines and reputational damage associated with non-compliance.
“As businesses consider deploying new processes and policies including training, rewards and updated contracts in support of GDPR compliance, more employees will understand the role they play in protecting their organization’s data,” added Karam.
Veritas also announced today significant technology advancements that can help companies comply with the GDPR. Specifically, Veritas announced a key integration between its Classification Engine and its eDiscovery Platform that will help customers quickly scan and tag data, using a pre-designed set of classification policies, to ensure that sensitive or risky information is properly managed and protected. Click here to read more on that announcement.
And, for information on how Veritas can help your organization become GDPR compliant visit https://www.veritas.com/gdpr.
Veritas commissioned independent technology market research specialist Vanson Bourne to undertake the research upon which this report is based.
A total of 900 business decision makers were interviewed in February and March across the US, the UK, France, Germany, Australia, Singapore, Japan and the Republic of Korea. The respondents were from organizations with at least 1,000 employees, and could be from any sector. To qualify for the research, respondents had to be from organizations that do at least some business with the EU.
Interviews were conducted online using a rigorous multi-level screening process to ensure that only suitable candidates had the opportunity to participate.
About Veritas Technologies
Veritas Technologies empowers businesses of all sizes to discover the truth in information—their most important digital asset. Using the Veritas platform, customers can accelerate their digital transformation and solve pressing IT and business challenges including multi-cloud data management, data protection, storage optimization, compliance readiness and workload portability—with no cloud vendor lock-in. Eighty-six percent of Fortune 500 companies rely on Veritas today to reveal data insights that drive competitive advantage. Learn more at www.veritas.com or follow us on Twitter at @veritastechllc.
Forward-looking Statements: Any forward-looking indication of plans for products is preliminary and all future release dates are tentative and are subject to change at the sole discretion of Veritas. Any future release of the product or planned modifications to product capability, functionality, or feature are subject to ongoing evaluation by Veritas, may or may not be implemented, should not be considered firm commitments by Veritas, should not be relied upon in making purchasing decisions, and may not be incorporated into any contract.
Veritas, the Veritas Logo, NetBackup, Backup Exec and Enterprise Vault are trademarks or registered trademarks of Veritas Technologies LLC or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.