To better support our customers in remaining compliant in the evolving regulatory landscape, we conducted a short survey* at the end of 2019 exploring the effect data privacy regulations have on their compliance and data management activities. In the previous blogs, I mentioned the high number of companies that are still not compliant with privacy regulations and I talked about their specific challenges. In this last blog about the survey results, let us look at the costs associated with becoming compliant with these privacy regulations.
We made an inventory of how much organizations were spending on consulting services and technological solutions to prepare for data privacy regulations. 29% of the respondents spent more than $100,000; 35% less than $100,000. 8% even spent more than one million. And 34% of the surveyed organizations were not sure how much was being spent.
Of course, the cost for compliance does not only encompass technology solutions. 2 out of 10 of our respondents already know they will hire more personnel, specifically to manage privacy issues this year.
We all know the costs of non-compliance can be so much higher than the cost of compliance. A quick look at the penalties alone justifies this: the GDPR mandates penalties for non-compliance and/or data breach, which can reach up to 4% of the company’s annual global turnover or 20 million Euros, whichever amount is greater.
CCPA fines are applied per violation, are uncapped and there are apparently no sanctions for non-compliance. The violation is considered at the point of breach, unlike under the GDPR, which can apply a sanction where a company is deemed to be at risk of a breach or not behaving responsibly. In addition, CCPA allows the consumer to sue the business for violation.
Organizations therefore have no choice but to be compliant. They do, however, have to realize that the cost of privacy compliance is more than simply financial, and that continuous compliance does not scale without the right technological solution.
Organizations don’t always think of an eDiscovery platform as the solution to assist them with compliance, but the workflow is the same. Discovery, at its core, is the collection and indexing of disparate content so that it can be thoroughly reviewed and redacted.
Therefore, using the right eDiscovery solution leads to faster, more efficient and less disruptive handling of access requests and ensures the protection of personal information related to individuals other than the requester.
If you want to view all the statistics from our survey, you can follow this link to download the full infographic with all survey results. If you missed them, do not forget to read the previous blogs about the survey results.
* The outcome of this survey is provided for informational purposes only, and should not be construed as (legal) advice on any subject matter. ZyLAB expressly disclaims all liability in respect to actions taken or not taken based on any or all the outcomes of this survey.