Home Government Tech Policy Australian firms lagging on EU data compliance: study

Australian firms lagging on EU data compliance: study

Many Australian organisations are unprepared to comply with the EU's General Data Protection Regulation that comes into force in a little more than a year, a study by data management company Veritas Technologies claims.

The study, carried out by Vanson Bourne for Veritas, questioned 900 business decision-makers in February and March across the US, the UK, France, Germany, Australia, Singapore, Japan and South Korea.

In Australia, 88% of those interviewed said they were worried that failure to comply with the GDPR would have negatively affect their businesses.

And 23% were apprehensive that non-compliance would force them to shut shop.

The GDPR aims to harmonise governance of information that relates to individuals across the EU and calls for greater oversight of where and how personal data — including credit card, banking and health information — is stored and transferred, and how access to it is policed and audited by organisations.

Data chart.

The regulations will extend globally, affecting any company that offers goods or services to EU residents, or monitors their behaviour, for example, by tracking their buying habits.

Other Australian-specific findings:

  • Less than 30% believed their organisation was compliant;
  • About 46% have expressed concerns that they will not meet the compliance deadline;
  • More than 1 in 4 (29%) were worried about potential lay-offs due to high financial penalties (upto €20 million or 4% of annual turnover);
  • About 30% were fearful their current technology stack was unable to manage their data effectively;
  • About 39% said their organisation could not accurately identify and locate relevant data; and
  • About 42% admitted there was no mechanism in place to determine which data should be saved or deleted based on its value.
  • The study found that globally many businesses had a long way to go before they were GDPR-compliant.

The study found that several countries were way behind their global counterparts in terms of GDPR readiness. Singapore, Japan and South Korea were last in the survey on this topic, with 56% of respondents in Singapore fearing they would be unable to meet the deadline. In Japan and South Korea this figure was 60%.

Fears of going out of business were greatest in the US and Australia. Nearly 25% of respondents in both countries feared non-compliance could lead to closure.

Similarly, respondents in the US (26%) and Australia (30%) were also the most concerned that penalties from GDPR non-compliance could lead to layoffs. In South Korea, the figure was 23%.

In the Asia Pacific region, businesses were worried about a compliance failure affecting the reputation of their brands.

“There is just over a year to go before GDPR comes into force, yet the ‘out of sight, out of mind’ mentality still exists in organisations around the world. It doesn’t matter if you’re based in the EU or not, if your organisation does business in the region, the regulation applies to you,” said Mike Palmer, executive vice-president and chief product officer, Veritas.

“A sensible next step would be to seek an advisory service that can check the level of readiness and build a strategy that ensures compliance. A failure to react now puts jobs, brand reputation and the livelihood of businesses in jeopardy."

Graphic: courtesy Veritas Technologies.


Australia is a cyber espionage hot spot.

As we automate, script and move to the cloud, more and more businesses are reliant on infrastructure that has the high potential to be exposed to risk.

It only takes one awry email to expose an accounts’ payable process, and for cyber attackers to cost a business thousands of dollars.

In the free white paper ‘6 Steps to Improve your Business Cyber Security’ you’ll learn some simple steps you should be taking to prevent devastating and malicious cyber attacks from destroying your business.

Cyber security can no longer be ignored, in this white paper you’ll learn:

· How does business security get breached?
· What can it cost to get it wrong?
· 6 actionable tips



Ransomware is a type of malware that blocks access to your files and systems until you pay a ransom.

The first example of ransomware happened on September 5, 2013, when Cryptolocker was unleashed.

It quickly affected many systems with hackers requiring users to pay money for the decryption keys.

Find out how one company used backup and cloud storage software to protect their company’s PCs and recovered all of their systems after a ransomware strike.


Sam Varghese

website statistics

A professional journalist with decades of experience, Sam for nine years used DOS and then Windows, which led him to start experimenting with GNU/Linux in 1998. Since then he has written widely about the use of both free and open source software, and the people behind the code. His personal blog is titled Irregular Expression.


Popular News