Insights & Analyses

10% of corporate execs say GDPR compliance will cost their company over $1M

May 3, 2018

A new survey of C-level executives has found that 71 percent of companies are confident they will be fully compliant with the European Union’s General Data Protection Regulation by its May 25 start date, leaving almost one-third of companies unsure they will make the cut.

The results come from a poll of 300 high-level security executives conducted by Help Net Security. It found that 10.3 percent of respondents expect GDPR preparation will cost them in excess of $1 million, while another 23.8 percent expect to spend between $100,000 and $1 million.

A large part of that cost will be new hires. Among those surveyed, 36.8 percent said their company will hire 6 to 10 new employees to meet GDPR requirements, while another 18.5 percent said they will hire more than 10.

Most companies are handling GDPR compliance in-house — 63 percent said they have a dedicated team within their company, while 28 percent contracted out the work.

Respondents indicated they expect GDPR rules to, unsurprisingly, have the greatest effect on technology companies. Other industries expected to see a major impact included online retailers and financial services.

OWI Take: These numbers show that most companies are taking GDPR extremely seriously as the days until it goes into effect tick away. But they still suggest that a significant number of companies are lagging behind and may not meet the May 25 deadline. It will be interesting to see how quickly the first fines are levied by the EU and who is targeted for noncompliance.