FTI Consulting, Inc. announces findings from its Technology segment’s study of data privacy trends, which indicated a sense of constant change and regulatory unease. Based on responses from more than 500 leaders of large, U.S.-based, companies, Corporate Data Privacy Today: A Look at the Current State of Readiness, Perception and Compliance, provides a robust illustration of the current privacy landscape and the programs, perceptions and strategies currently in play at large corporations.
Key findings include:
- 75 percent of organizations surveyed have made changes to their data privacy programs in the last 12 months.
- In the coming year, 97 percent of organizations will increase their spend on data privacy, with an average increase of 50 percent.
- Potential losses from a data privacy crisis event were calculated at $79 million.
- 75 percent pointed to “government and regulators” as sources of extreme or significant privacy compliance pressure and cited additional pressure from the board, the media, customers and competitors.
- 20 percent said they are impacted but not fully compliant with GDPR, and 28 percent are affected by but under-prepared for the California Consumer Privacy Act.
- 68 percent rated systems and technology as very effective tools for enabling data privacy compliance.
- Nearly 60 percent of respondents agreed with the statement: “We don't have the resources in our organization to ensure that we are fully compliant with data privacy regulation.
The survey also confirmed that board members and corporate leaders are knowledgeable of and committed to data privacy compliance. While 81 percent said their executives understand the issues, awareness isn’t translating to a prioritization of data privacy at more than one-third of organizations surveyed. At the same time, many organizations have a positive self-assessment of their privacy compliance, suggesting inconsistencies between awareness, prioritization, perception and readiness.
“Despite a majority of respondents citing a positive data privacy compliance self-assessment, feelings of vulnerability to exposure or enforcement continue to run high,” said Jake Frazier, a Senior Managing Director at FTI Technology. “This suggests respondents may have inflated self-assessments, lack of understanding about the realities of data privacy regulations or unwarranted fear about the extent of their risk. The good news is that most respondents have a strong technology position and are allocating increasing budgets to improve their privacy posture and support the addition of people and process, along with to technology solutions.”
Download Corporate Data Privacy Today: A Look at the Current State of Readiness, Perception and Compliance.
Demographics and methodology
This survey was conducted by FTI Consulting during November 2019. More than 500 leaders of large private-sector companies based in the U.S. were polled. The respondents all had knowledge of their organizations’ data privacy policies and activities. Sixty percent held titles in senior management or the C-suite and 28 percent held middle-management roles, across a range of industries including ICT services, financial services and manufacturing.