BDO USA Reports Claims US Firms Have Begun Addressing GDPR Shortcomings

A survey conducted on 145 US corporate directors of public company boards by BDO USA throughout August 2018 has showed that eight out of ten companies have begun taking steps to ensure they are adhering with data protection legislation.

The survey is part of the BDO  2018 Cyber Governance Survey which you can read here.

This included measures like completing a gap assessment and refreshing the company privacy policy. Along with this up to 33% of the respondents said that their company has spend more on data privacy protection and had appointed a data protection officer. However it is significant that these are the minimal steps that US companies doing business in the European Union must adapt to ensure that they are compliant with the new General Data Protection Regulation which became enforceable on May 25 this year.

Under this new legislation companies face penalties of up to €20m or 4% of annual global revenue, whichever figure is higher, if they are discovered to be in breach of the legislation. Due to this it is crucial that US companies address their GDPR shortcomings as soon as they can.

Amy Rojik, BDO USA’s National Assurance Partner for Communications and Governance said at the publication of the survey: “BDO’s 2018 Cyber Governance Survey reveals how public company board directors increasingly recognize the competitive advantages of embracing a digital transformation strategy and mitigating vulnerabilities related to cyber risk. Developing a strategic path for an organization’s digital transformation and devoting company resources and board oversight to cybersecurity and data privacy are now necessities for businesses to survive and thrive during this time of intense change.”

Jeff Ward, BDO USA’s Third-Party Attestation National Managing Partner stated that the is a clear trend emerging that firms are getting ready for closer monitoring by data protection authorities in the future. He remarked: ” Many of our public company clients anticipate increased regulatory scrutiny of their cyber risk and incident disclosures, and are using the SOC for Cyber reporting framework as a benchmark.”

The 2018 BDO Cyber Governance Survey is completed on a yearly basis by the BDO Center for Corporate Governance and Financial Reporting and looks to estimate the opinion of public company directors on these issues, as well as other key governance concerns.

HIPAA Violation Penalties

Most Common HIPAA Violations Causes