AvePoint Media Contact
Tel: +1 (703) 214-0522
AvePoint and CIPL Assess Global Preparation for EU General Data Protection Regulation with First-Ever Readiness Benchmark Report
With indicators suggesting that organizations face much work ahead, AvePoint and CIPL partner to provide insight and guidance to ensure readiness for global impact of European data privacy mandate
Brussels— November 9, 2016 — AvePoint, the Microsoft Cloud expert and leader in data protection, and the Centre for Information Policy Leadership (CIPL) at Hunton & Williams, LLP, a global privacy think tank, today announced from the halls of the IAPP Europe Data Protection Congress the availability of the first-ever global benchmark report for the European Union General Data Protection Regulation (GDPR). Launched in May 2016, the survey compiles responses from 223 predominantly multinational organizations on their preparedness for GDPR implementation.
The European Union GDPR marks the beginning of significant changes to how companies manage and process personal data, their privacy compliance programs, as well as IT systems and infrastructure. The GDPR replaces Directive 95/46/EC and will come into force in May 2018.
“The GDPR signals the start of a new generation of data privacy laws and practice in Europe and beyond,” said Bojana Bellamy, President, CIPL. “The new law will affect the risk profile of organizations, impact their management, use and sharing of data, as well as their IT systems and infrastructure. But GDPR also represents an opportunity for organizations to consider data privacy compliance more strategically and holistically, as it becomes key to their data strategy and the digital transformation of their business.”
The report highlights nine key trends that relate the most to everyday business and compliance concerns, including:
GDPR Impact: Respondents believe that the aspects of the GDPR that will have the largest impact on their organizations are the requirements for a comprehensive privacy management program, use and contracting with processors, as well as data security and breach notification. As expected, senior management is most concerned about the GDPR’s enhanced sanction regime and the data breach notification requirements, as well as how the regulation will impact their data strategy and ability to use data.
Data Transfers Outside the EU: Organizations appear to use a wide variety of mechanisms today for data transfer related to internal human resources (HR), consumers/customers, and vendors. According to responses, they will continue to do so after the GDPR is implemented. The most popular mechanisms today are, in descending order: Model Contracts, consent and necessity for contracts, as well as Privacy Shield.
Compliance Technology Tools and Software: Currently, organizations do not appear to widely use or have access to technology tools and software to aid with data privacy compliance tasks. Only a minority of organizations use technology to automate and industrialize their data protection impact assessments (DPIAs), data classification and tagging policies, data processing inventories, and delivery of the new data portability right.
“This GDPR survey report is designed to help organizations understand and benchmark the key operational impacts of the regulation and to support their internal change management program,” said Dana Simberkoff, Chief Compliance and Risk Officer, AvePoint. “We hope that this report will allow organizations to accelerate their progress toward true operationalization for GDPR readiness.”
AvePoint is the Microsoft Cloud expert. Over 15,000 companies and 7 million cloud users worldwide trust AvePoint to accelerate the migration, management, and protection of their Office 365 and SharePoint data. AvePoint’s integrated cloud, hybrid, and on-premises software solutions are enhanced by 24/7 support and award-winning services. Organisations across six continents and all industries rely on AvePoint to ease transition to the Microsoft Cloud, increase IT administrator productivity, and satisfy governance and compliance objectives.
A three-time Microsoft Partner of the Year, AvePoint has been named to the Inc. 500|5000 six times and the Deloitte Technology Fast 500™ five times. AvePoint is a Microsoft Global ISV Partner, a Microsoft Gold Partner in Application Development, Cloud Platform, Cloud Productivity, and Collaboration and Content, and a US Government GSA provider via strategic partnerships. Founded in 2001 and headquartered in Jersey City, NJ, AvePoint is privately held and backed by Goldman Sachs.
About the Centre for Information Policy Leadership (CIPL)
The Centre for Information Policy Leadership (CIPL) is a global privacy and security think tank based in Washington, DC, Brussels and London. Founded in 2001 by leading companies and Hunton & Williams LLP, CIPL works with industry leaders, regulatory authorities and policy makers to develop global solutions and best practices for privacy and responsible use of data to enable the modern information age. More details can be found at www.informationpolicycentre.com.
About Hunton & Williams LLP
Hunton & Williams is a global law firm of more than 750 lawyers serving clients in the United States, Europe, Latin America, and Asia. The firm handles transactional, litigation and regulatory matters for a diverse client base, with significant experience in retail and consumer products, energy, financial services, real estate, and privacy and cybersecurity. Visit our website at hunton.com and Privacy and Information Security Law Blog at huntonprivacyblog.com. Follow us on Twitter, LinkedIn, and YouTube.
CIPL Media Contact
Chris Wilson – Hunton & Williams LLP
Tel: +44 (0) 20 7284 6945
All product and company names herein may be trademarks of their registered owners.