GDPR: Is Germany ahead of the game?

The day the EU’s General Data Protection Regulation (GDPR) comes into force is just months away and marketers are stepping up their preparations. According to AvePoint’s global GDPR Readiness Benchmark Report over half of businesses are increasing GDPR budgets, while a third are adding headcount allocation to prepare for the regulation.

The GDPR has far greater reach than previous data privacy laws, impacting any business that collects and processes the data of EU citizens, even if that’s just a single customer. The regulation puts control of personal data into the hands of the consumer and obliges businesses to be more transparent about what information they capture, as well as how it is used, introducing fines of up to 4% of annual turnover for non-compliance.

The global nature of the GDPR means it will impact the vast majority of large businesses, so how prepared are companies for the impending regulation? Are European countries ready, or are they merely spectating as Germany takes the lead, and what steps are businesses worldwide taking to ensure compliance?

Europe prepares for the GDPR

Global preparations are variable

A study by Veritas Technologies revealed 86% of organisations across the globe are worried a GDPR breach could have a major negative impact on their business, but there is great variation in the level of preparation individual countries and global businesses are making for the regulation. Some international businesses are taking a global approach, including Apple, which introduced its Intelligent Tracking Prevention software in September to prevent advertisers following consumers’ online movements.

The U.S. is more advanced in data management than Europe, with 78% of U.S. businesses carrying out a data privacy impact assessment in the past year compared with just 60% in the UK and 65% in Germany. On the other hand almost half (43%) of IT professionals in the U.S. believe the GDPR won’t impact their business, compared with only 9% across the EU, indicating low awareness of the scope of the regulation. While countries such as Australia – which is bringing in mandatory data breach notification laws next year – are relatively advanced in preparing for the GDPR, the Veritas survey reveals some countries are way behind, with Singapore, Japan and the Republic of Korea the three that are least prepared.

Ultimately the increased territorial scope of the GDPR means it will impact all businesses, regardless of geographic location and the new regulation will set a global precedent for future data privacy laws. It is vital for all businesses to prepare for its enforcement by auditing the data they collect and analyse, securely deleting non-critical data, streamlining internal processes for managing that data – ideally via a central data hub – and revising policies for obtaining consent to data processing.

The terms of the regulation may seem strict but in the long term it will help marketers to gain consumer trust, as well as a more comprehensive understanding of individuals that can be used for relevant, targeted consumer engagement.

Further guidance on preparing for the GDPR can be obtained from individual countries’ data protection agencies, or the UK ICO Guide to the GDPR provides a detailed overview.

The GDPR may originate in the EU and Germany may be leading the way in planning for its enforcement, but it is a truly international regulation that will become the de facto template for global privacy laws moving forward, meaning businesses across the world must be prepared.

This article originally appeared on mandmglobal.com