View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Software
April 2, 2012

Report: EU Data protection act will cost businesses more

59% of IT managers believe new EU data protection regulations will increase the cost burdens on their businesses.

By Vinod

Research performed by Securedata shows that many IT professionals are concerned about the effects the EU’s proposed General Data Protection Regulation will have on their businesses. To see CBR’s summary of the proposals so far click here.

59% of IT managers surveyed believe these regulations will increase the cost burdens on their businesses.

As CBR reported last week – much of this worry is coming from loose definitions of the proposals, as well as the introduction of ‘independent’ Data Protection Officer’s (DPO) for businesses of over 250 staff. See story here.

Securedata’s research suggests that already 26% of respondents are looking at outsourcing their DPO requirements.

72% of respondents from the largest businesses (3,000 employees+) said the draft data protection rules would cost their business more, while only 64-58% agreed that the that the new regulations would improve business security and data protection.

Another 40% are concerned that the proposed 24-hour deadline for notifying individuals of a data breach would advertise company security weaknesses before an appropriate security review could be completed. This appears to be in response to issues such as Sony’s Playstation Network hacking, which saw the company attempt to cover up the intrusion rather than go public.

One of the more controversial requirements is the new "right to be forgotten". This would allow consumers to ask for data about them to be deleted. Organisations will have to comply unless there are "legitimate" grounds to retain it. How this will work is unclear, as some organisations are bound by agreements (such as banks) to hold on to this kind of data for fraud and regulatory purposes.

Content from our partners
Unlocking growth through hybrid cloud: 5 key takeaways
How businesses can safeguard themselves on the cyber frontline
How hackers’ tactics are evolving in an increasingly complex landscape

It is also an unusual requirement in that this kind of rule already exists in UK law – businesses are not allowed to keep information without good reason.

Carl Shallow, head of compliance at SecureData believes that finding the right balance is vital.

"Across the enterprise questions must be asked about exactly what is sensitive data and where does it reside. There is frequently an abundance of ‘lost’ unstructured data siloed across the largest organisations’ IT estates. The new act is an ideal opportunity to review data governance procedures and management solutions."

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.