The latest privacy compliance news, issues, resources and
expert advice to save you time and mitigate risk.

Written by Nymity
on July 10, 2019

There has been no rest for privacy professionals coming out of last year’s GDPR compliance activities. With California (CCPA) and other jurisdictions bringing in new and/or amended privacy legislation, putting increasing demands on the privacy office, it isn’t surprising that privacy professionals are feeling anxious. What other challenges are privacy professionals facing in managing their privacy compliance efforts? What is the reality of where they are spending their time? How integrated is the rest of the business in privacy compliance activities?

To get to the heart of these questions, this spring, we launched our first Privacy Pulse survey where we heard from over 100 North American privacy professionals.


What is the current pulse of the privacy office?

Privacy has become a more integral part of their business plan and strategy, however, more than half of respondents rated their business’ privacy knowledge at moderate to very low. While they would prefer to spend more of their time on privacy and compliance awareness and education, they are putting a significant amount of time and effort into documenting policies and procedures. This is carrying over to the functional business areas who are also spending a substantial amount of their privacy compliance related activities on documentation and data inventories.

The challenges with documentation may also be leading to difficulty with regulatory reporting with an overwhelming number of survey respondents indicating it would take two or more days to report to regulators if required. This is surprising as industry-leading software enables privacy professionals to report in minutes rather than days. Boards are also becoming more interested in privacy activities, requiring reporting at regular intervals which reflects the elevated role of privacy in successful business strategy.


What does the future hold?

The role of the privacy office has gone through a renaissance over the last few years. As the regulatory environment has become more complex and the business impact of non-compliance has become more significant, privacy has evolved into an integral part of the overall business strategy and planning. There is an overwhelming belief that privacy will become increasingly integrated, or even embedded, into business operations.

There is also a consensus that privacy will become more complex, and data governance will be increasingly important as additional data types such as geolocation, biometric and industrial internet of things potentially come under the purview of data protection legislation.


Read full details of our report here:

Download Full Report

Request A Demo

You may also like:


Brexit and Data Protection: What Happens in Case of a Deal?

Earlier today, the European Union and the United Kingdom reached agreement on a revised customs plan for Brexit. If appr...


Managing Data Breaches, Best Practices for an Accountability Approach

The CCPA, EU’s GDPR, Canada’s PIPEDA, Brazil’s General Data Protection Law, Australia’s notifiable data breach scheme ar...

GDPR ccpa

CCPA, Nevada and the Ever-Changing US Landscape

When we did our last update on the status of US privacy legislation just a few weeks ago, there were 15 States with cons...