Jonathan T. Marks CPA, CFF, CFE and NACD Board Fellow

Baker Tilly Poll Shows GDPR Compliance and Privacy Governance Still a Challenge for Most Organizations

CHICAGO–()–A flash poll conducted by Baker Tilly Virchow Krause, LLP (Baker Tilly) indicates that while the number of respondent organizations that believe they are compliant with the General Data Protection Regulation (GDPR) increased more than 20 percent in the eight months following the May 25, 2018 enforcement date, nearly 67 percent of companies responding to the poll are still not compliant. Additional data showed 36 percent of respondents identified information technology (IT) as responsible for data privacy at their organization.

“GDPR is becoming the de facto standard for privacy regulations in the U.S. and across the globe. If an organization is compliant with GDPR, the organization is already approximately 90-95 percent compliant with the California Consumer Privacy Act”

Tweet this

“Privacy governance is relatively immature with organizations only beginning to incorporate it into their strategy,” David Ross, principal and growth leader of Baker Tilly’s privacy and cybersecurity practices, said. “At its core, privacy is a risk-based issue, not an IT or security problem. A sustainable privacy program requires a multi-disciplinary approach that incorporates governance, compliance and risk management disciplines from senior management, finance, IT, security, HR and other functional areas.”

“GDPR is becoming the de facto standard for privacy regulations in the U.S. and across the globe. If an organization is compliant with GDPR, the organization is already approximately 90-95 percent compliant with the California Consumer Privacy Act,” Mike Vanderbilt, director with Baker Tilly’s privacy practice, said. “Working toward a sustainable privacy program enables an organization to pivot and adapt as new regulations unfold.”

Baker Tilly recently held an educational webinar, “The rise of privacy: a risk-based approach to privacy oversight, compliance and management,” providing insight into how organizations can prepare for enforcement, ongoing monitoring and compliance in an evolving privacy regulatory landscape.

The webinar presenters discussed how to:

  1. Identify current and developing privacy regulations and emerging risks that impact oversight
  2. Assess the benefits, challenges and ultimate impacts of an integrated privacy oversight, compliance and risk management program
  3. Optimize a privacy assessment to enhance internal and external stakeholders’ trust and confidence in the organization’s data security and privacy processes and controls

Presentation slides and a recording of the webinar are available at https://bakertilly.com/insights/the-rise-of-privacy-a-risk-based-approach-to-privacy-oversight-compliance-a/.

About Baker Tilly Virchow Krause, LLP (bakertilly.com)
Baker Tilly Virchow Krause, LLP (Baker Tilly) is a leading advisory, tax and assurance firm whose specialized professionals guide clients through an ever-changing business world, helping them win now and anticipate tomorrow. Headquartered in Chicago, Baker Tilly, and its affiliated entities, have operations in North America, South America, Europe, Asia and Australia. Baker Tilly is an independent member of Baker Tilly International, a worldwide network of independent accounting and business advisory firms in 147 territories, with 33,600 professionals. The combined worldwide revenue of independent member firms is $3.4 billion. Visit bakertilly.com or join the conversation on LinkedIn, Facebook and Twitter.

Baker Tilly Virchow Krause, LLP is a member of the Baker Tilly International network, the members of which are separate and independent legal entities. Baker Tilly refers to the global network of accounting firms of Baker Tilly International Limited. Each member firm is a separate legal entity. Baker Tilly International Limited does not provide services to clients.

© Baker Tilly Virchow Krause, LLP