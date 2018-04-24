CHICAGO--(BUSINESS WIRE)--Apr 24, 2018--A flash poll conducted by Baker Tilly Virchow Krause, LLP (Baker Tilly) indicates 90 percent of organizations do not have the necessary controls in place to be compliant with the General Data Protection Regulation’s (GDPR) impending enforcement date, May 25, 2018.

“With recent significant data breaches, concerns around personal data access at Facebook/Cambridge Analytica and the coming enforcement date of GDPR, privacy concerns are heightened,” David Ross, partner with Baker Tilly’s cybersecurity and privacy practice, said. “Leading organizations need to implement proactive, risk-based monitoring and compliance measures as part of a comprehensive cybersecurity and privacy program.”

Significant GDPR noncompliance penalties Enacted by the European Union (EU), the GDPR governs the collection, processing, use and storage of personal data originating in the EU. Organizations, including U.S. organizations, could face significant impacts, including fines of up to four percent of annual global revenue or €20 million (whichever is greater) and material and non-material damages such as financial loss and damage to reputation.

“Having well-documented privacy policies and procedures coupled with a documented privacy program overall demonstrates the organization is actively engaged in ensuring compliance in case of GDPR oversight review,” Mike Vanderbilt, director with Baker Tilly’s cybersecurity and privacy practice, said.

Baker Tilly recently held an educational webinar, “GDPR: Is your organization ready?” to help organizations understand the GDPR and prepare for the enforcement, ongoing monitoring and compliance.

The webinar presenters discussed:

Potential data pools and systems affected by GDPR The impact of the data subject rights and other requirements defined by GDPR and how they apply to organizations How an organization’s current cybersecurity and privacy programs can support its ability to address GDPR’s requirements

Presentation slides and a recording of the webinar are available at bakertilly.com/insights/gdpr-is-your-organization-ready. A GDPR overview infographic can be found at bakertilly.com/GDPR.

