Waterford Technologies GDPR Survey

GDPR Survey 

GDPR legislation will come into full effect on May 25th 2018, enshrining full accountability for personal Data Protection. Processing, retaining and sharing Data which contains personal or personal sensitive information will be subject to stringent new rules and all organisations handling Data will need to be prepared for this. Waterford Technologies conducted a survey on our client base and the wider marketplace during October and November 2017 and some of the findings were surprising, even for our experts who deal with Data Management issues every day. 

Survey Delivery

In October and November 2017, we carried out a survey with a focus on Data Management, Compliance and GDPR.

We polled 2,050 decision makers from our client database and across many industries in Ireland, Europe and the UK in the following roles:

  • IT Directors and Managers
  • Data Protection Officers
  • CIOs
  • Compliance Managers
  • Legal representatives

From the 1,500 responses, we summarised the findings of this survey to spotlight the challenges that organisations experience at the moment in terms of Data Protection and especially GDPR readiness and preparation.

GDPR Compliance

Massive Email “Fail”

Although organisations still conduct the vast majority of business communications through email, a staggering 87% of survey respondents had not made any proper planning provision for dealing with email for GDPR. Either completely overlooking email or wrongly considering it to be within the Structured Data category as opposed to Unstructured Data (which it is), was the biggest single surprise.

50-50

Just around half (51%) of our respondents already have a properly developed Data Management plan in motion for GDPR, leaving a very tight timeline for the remainder to get a strategy and begin work on a project to align to the new legislation coming out in May. Responsible people will need to act early and fast in 2018 to get off the blocks.

Personal Data

82% of emails can be classified as containing Personal Data which is subject to GDPR audit and compliance. Worryingly, 52% of survey respondents revealed that there was not a complete awareness of the potential results of non-compliance with GDPR regulations on Personal Data.

Data Management Challenges

Selected Data Management responses from our GDPR Survey

  1. Momentum – Does an Active GDPR Project exist?

  2. Ownership – The GDPR Data Management project will not belong solely to IT decision makers.
    Ownership of GDPR Data Project
  3. Focus – What Data is in your scope for the GDPR project?Data Under Scope
  4. Internal awareness of GDPRInternal GDPR Awareness
  5. The consequences of not complying with GDPRAwareness of Consequences of Non-Compliance

Key Survey Takeaways

  • Overall, there is a large proportion of unreadiness for GDPR across all sizes of organisation with almost half of respondents indicating that a project had not started at the time of the survey. We expect this to change rapidly in the first weeks and months of 2018 as the May deadline approaches.
  • Forgetting that email, the lifeblood of business, is under scope for GDPR will be no excuse if a DSAR (Data Subject Access Request) is received or when a Data breach or compliance audit happens. Make a plan for email now!
  • Ownership of the project to ensure GDPR compliance will involve different functions from across the organisation.
  • Taking accurate “stock” of which Data is in focus for projects and GDPR audits has clearly not been enough of a priority for most survey respondents yet.
  • Understanding what Unstructured Data is and how much of it exists on Email and File servers is critical to making plans to deal with it and achieve compliance.
  • Limiting the amount of Personal Data sitting on the organisation’s servers will greatly decrease the possibility of non-compliance.

Data Project for GDPR Readiness

As we have discussed recently in our blog, the GDPR data project need not be a massive undertaking and our team of Data Management experts stand ready to assist you in your journey to compliance.

Scheduled audits, surprise inspections and post-breach investigations are all on the table and with the sheer level of “noise” around the whole GDPR introduction, it is easy for procrastinators to be confused by the number of options out in the market offering “silver bullets” to deal with it.

Finding where Personal Data is located on servers is a challenge that needs to be addressed immediately before GDPR comes into play and also on an ongoing basis to ensure that Unstructured Data compliance is maintained.

Practical Focus for GDPR Projects 

“GDPR and its potential fines are or are about to be the hot topic of conversation for all EU organisations in the coming weeks and months, with lots of promises and scare mongering, but not much in the way of fact and reality.” says Gary White, CIPP/E, Data Management Consultant with Waterford Technologies.

“GDPR is in reality the enforcement of existing data protection and compliance rules that have been almost completely ignored by organisations for years and which have now been updated and enforced via fines. GDPR will require organisations to look at multiple vendors to provide and comprehensive solution, as the fact remains that no one company can solve all their needs and a lot of companies are spreading fear by focusing on the wrong areas.”

White prefers to look at a practical focus for meeting compliance needs “Waterford Technologies via ComplyKEY focus on one key area, Unstructured Data or the day to day data of all organisations – email and file – to you and me. Accounting for anywhere between 70 and 80% of all data held by organisations, this is simply too critical to ignore, but unfortunately that seems to be the case as more and more organisations look at the Headline items from GDPR such as breach notification or data transfers and not the true daily headaches such as DSAR, analysis, retention and discovery”

 

About Waterford Technologies 

Waterford Technologies assists thousands of client organisations globally to proactively manage Unstructured Data (email and file) to best practice compliance standards. We enable organisations to make Data decisions based on their facts – bringing Unstructured Data to light and enabling analysis, plans and immediate action on the findings. 

We do not claim to solve all your GDPR headaches but will enable clients to meet requirements for Unstructured Data, which makes up roughly 80% of all business Data. That is a huge tick in the GDPR readiness journey!

We tailor a solution for your GDPR Unstructured Data requirement at a reasonable price point for your organisation, providing the expert advice and the toolset to allow you to achieve GDPR compliance for email and file.

Talk to our experts today

Waterford, Ireland  (January 8, 2018)

SISCIN Local Storage Launch

Waterford Technologies Launch SISCIN Local Storage

Waterford, Ireland, 28th September 2017 – Waterford Technologies, experts and leaders in email and file archiving, today announced the worldwide launch of SISCIN Local Storage, enabling clients to take advantage of Cloud power and scalability without any risk of their data being exposed to the Cloud.

SISCIN Local Storage enables analysis, management and reporting on server storage. Harnessing the scalability and flexibility of Cloud analysis, the client data remains on the Local network at all times, making it ideal for Cloud risk-averse organizations.

Continue reading “SISCIN Local Storage Launch”

US Sales Director Named Top Midmarket IT Executive

Griffin Tamura Named Top Midmarket IT Executive by The Channel Company and Midsize Enterprise Summit

Griffin Tamura - US Sales Director
Griffin Tamura – US Sales Director

Irvine, CA, September 21, 2017 – Waterford Technologies, one of the world’s leading email archiving and file management companies, today announced that Griffin Tamura has been named to The Channel Company’s Top Midmarket IT Executives list. This annual list honors influential vendor and solution provider executives who have demonstrated an exceptionally strong commitment to the midmarket.

Continue reading “US Sales Director Named Top Midmarket IT Executive”

European Court of Human Rights – Workers Must Be Made Aware of Email Monitoring

ECHR Building - Email Monitoring Case

Why is it important that an employee is made aware of email monitoring?

In light of the recent ECHR (European Court of Human Rights) case that concluded in favour of the employee, responsibility has now been placed with organisations regarding email policies and email monitoring.

“The case of Bărbulescu v. Romania (application no. 61496/08) concerned the decision of a private company to dismiss an employee after monitoring his electronic communications and accessing their contents, and the alleged failure of the domestic courts to protect his right to respect for his private life and correspondence.”

Continue reading “European Court of Human Rights – Workers Must Be Made Aware of Email Monitoring”

SISCIN Press Release

Press Release SISCIN

Waterford Technologies announce the launch of SISCIN to shake up the Cloud File Archiving Market.

Waterford, Ireland, Press Release- Waterford Technologies, experts and leaders in email and file archiving, today announced the worldwide release of SISCIN, enabling channel partners and end users to gain competitive advantage from Cloud Adoption, minimise cost and risk while increasing security and vendor independence.

Continue reading “SISCIN Press Release”

Office 365™ and US Government do battle

Office 365™

The US Government have been sued by Office 365™ creator, Microsoft for the right to inform their customers when a federal agency is looking at their emails, this follows multiple clashes between the technology industry and the country’s government in Washington DC.

The lawsuit argues that the government is violating the US Constitution by preventing Microsoft from notifying thousands of customers about government requests for their emails and other documents. This lawsuit was filed yesterday (13/4) in a federal court in the Western District of Washington. The Department of Justice has yet to comment on the situation.

Continue reading “Office 365™ and US Government do battle”

Banish your Redundant Data like St. Patrick Banished Snakes out of Ireland…

 Mark Mulcahy – Waterford Technologies

How much do you really know about the redundant data that’s being stored in your company server?

Well, one thing you should know is that up to 80% of it could be redundant, meaning it’s adding no value to your business operations whatsoever.
Continue reading “Banish your Redundant Data like St. Patrick Banished Snakes out of Ireland…”

It’s Here! Waterford Technologies Launches New Website!

Waterford Technologies are very excited to announce the launch of our newly designed website which goes live today and is located at www.waterfordtechnologies.com.  We have streamlined the menus to give you quick access to the items you’re looking for.  Major goals with the new website were to make it faster, easier to navigate and more user friendly.

Continue reading “It’s Here! Waterford Technologies Launches New Website!”

E-Discovery Document Retention – How Long is Long Enough?

Email Retention Management

“Companies should retain emails and documents in a central repository for more than seven years before considering deleting the information!” This is the opinion of experts in resolving IT disputes.

Organisations should consider retaining the information for longer than seven years in order to be able to appropriately respond to FOI, or e-discovery, requests stemming from disputes arising in the UK.

When companies or individuals sue each other they have the right to ask for relevant documents from the other party in a process called discovery. When the documents are digital ones, such as emails the process is called e-discovery.

Continue reading “E-Discovery Document Retention – How Long is Long Enough?”

Waterford Technologies – Welcoming our Newest Member of the Team

Waterford Technologies Expands it’s UK Sales Team

Waterford TechnologiesWaterford Technologies is pleased to announce that Richard Vere Hoose has joined our UK Team (Corporate Sales -EMEA). Rick has over 12 years’ experience in the IT and ICT Space. Prior to that, he was also involved in the banking sector.

Rick possesses skills of adaptability and leadership. This is supported by his past experiences working as a Territory Manager and training of sales staff for International companies such as Avaya and BT as well as helping to grow sales and sales team within the UK with companies such as Alternative Networks.
Continue reading “Waterford Technologies – Welcoming our Newest Member of the Team”