The EU’s General Data Protection Regulation (GDPR) goes into effect on May 25, but many companies are still not in compliance with its rules, according to a new report from AvePoint and the Centre for Information Policy Leadership (CIPL). In a survey of 235 multinational organizations, 60% said they do not have any procedures in place to identify and tag data—leaving them in the dark about the sensitive and confidential content they hold within their information, and how it’s used or treated, according to the report.
For those unaware, the GDPR establishes formal regulations regarding data protection for organizations located in the EU, or those that work with EU clients. If a business is found to be non-compliant with the rules, they can be fined up to 4% of their annual global revenue, or €20 million. “The report shows that companies are not where they need to be in terms of compliance efforts. GDPR merely exacerbates how much oversight is needed to enforce changes down to the individual level,” AvePoint’s Dana Simberkoff said in a press release.
Read more about the findings of the new report on TechRepublic.