The survey focuses on key issues of the GDPR, including:
- age of consent for children;
- legitimate interest;
- data portability;
- privacy impact assessments;
- privacy by design;
- data protection officers;
- data breach reporting; and
- onwards transfer of data.
The results, which will be kept anonymous, will be analyzed and used to publish an extensive overview on GDPR readiness, broken down by factors such as industry vertical, revenue size and regions, so companies can compare their level of preparedness against their peers. This will ultimately help companies determine the best path forward and provide insight into the right resources and budgetary allocation to meet their compliance goals.
Recommendations for preparing for the immediate impact of the GDPR, including compliance best practices from industry experts, will also be included. This benchmark should provide insight not only for Chief Privacy and Data Protection Officers who are looking to ramp up their privacy programs, but also for Chief Information Officers, Chief Information Security Officers, business leaders and executive leadership within organizations. The goal is to help companies understand the task ahead, as well as key areas of investment as they bring their organizations into compliance with the GDPR.
The first report is expected to be ready June 2016, and we plan to repeat the survey annually to track progress.