Although organisations may have initially reacted negatively to new data privacy regulations, as ensuring compliance with GDPR required a significant amount of time and financial resources, and often hiring new staff, new research suggests that nine months since its introduction businesses have warmed up to GDPR.
Cloud data services NetApp’s surveyed IT decision-makers across 501 UK-based businesses to gauge their reactions to GDPR and Brexit.
More than half say that data regulation either had or will have a positive impact, while only 18% have either seen or anticipate a negative impact. This is encouraging as many companies are clearly now aware of the benefits of stricter regulations.
This indicates that attitudes have shifted since NetApp’s survey conducted in April 2018 in which only 30% of UK IT decision makers said that GDPR would improve their competitive advantage.
The survey also suggests that there has been an improvement in organisations prioritising data privacy with 68% of UK companies saying that their level of concern for data privacy has increased since GDPR implementation.
However, businesses are less optimistic when it comes to the issue of GDPR and Brexit. Data sovereignty is the idea that data are subject to the laws and governance structures within the nation it is collected, and it may pose some hurdles in terms of data transfer between regions for businesses after Brexit.
This is because data physically stored in EU data centres may be subject to different regulations to data stored in the UK. Although it is likely that GDPR will be incorporated into British law after March 29th, this is not yet definite, and IT decision-makers are feeling this uncertainty.
With less than 50 days until the UK is due to leave the European Union, many UK companies are still unclear on how they should prepare for Brexit from a data management perspective: 19% say that they have either given none or not very much consideration, or do not think that they need to consider data sovereignty. One in seven companies say that they do not know how much consideration their organisation gives.
Nonetheless, many companies are concerned. In the UK, 66% of companies give ‘major’ to ‘some’ consideration to data sovereignty, when preparing for Brexit. Nearly half of UK companies think that their Brexit-related data sovereignty concerns will eclipse their pre and post GDPR worries.
A significant proportion are also concerned about the impact of data sovereignty on their ability to attract customers in EU jurisdictions post-Brexit, with 33% of companies seeing an impact.
Martin Warren, Cloud Solutions Marketing Manager, EMEA believes that a renewed focus on data privacy will benefit companies as they prepare for Brexit:
“The uncertainties around Brexit affect companies in numerous ways, including in their data management preparations. It is therefore encouraging to see many UK businesses already focussing on data regulation and privacy. Whilst this is partly driven by legislation and specifically the GDPR, there is now also a better understanding of how data regulation positively contributes to the commercial success of an organisation. As more details around Brexit emerge over the coming months, the best course of action for companies is to continue to build solid data protection and data governance processes, to ensure compliance with current legislation and preparedness for any future developments.”