The issue of Data Privacy is finally getting the attention it deserves, especially after the May 2018 enforcement of the European Union’s General Data Protection Regulation (GDPR). Companies are wary of the importance of complying with the stringent GDPR guidelines and the ones who are not, are facing the heat from EU regulators as was seen in the recent example of France imposing a data consent fine of 50 million Euros on Google.
Companies in India seem to be on the right track when it comes to GDPR compliance. In a recent it was revealed that India is the sixth leading country in the GDPR readiness index.
In a short span of time, India has improved upon its EU GDPR readiness. The fast-emerging data privacy concerns and the resulting damage to the brand reputation and financial losses to the company seems to have established the importance of ensuring GDPR.
As per the study, GDPR-ready companies have reported lesser data breaches and a low impact of security-related incidents as compared to the non-GDPR complied companies.
Cisco’s report is based on data collected from 3,200 security professionals in 18 countries. 59% of these companies have met most of the GDPR requirements. 29% companies will take one more year to be fully-compliant with the GDPR while 9% will need more than a year to be GDPR ready.
The report also talks about the GDPR-readiness across different geographies. Countries like Spain, Italy, UK, and France topped the index. While countries like China, Japan, and Australia are at the bottom of the GDPR-readiness index.
What’s important about the GDPR is that the rule not just applies to businesses operating from EU but also to the businesses that serve the EU through the medium of internet.
India is working on its own data privacy law. The Personal Data Protection Bill by the Justice Srikrishna Committee was released in July 2018. The bill is yet to be introduced in the parliament. Considering the fast pace growth of internet adoption, it is important that the Indian government formulates a data protection law which is in line with the EU GDPR.