104 Danish companies are asked how clear they are at different points of the Personal Data Regulation and, according to IT Branch, they were not uplifting answers, they included:
I spoke with a CEO of a 1roughly 3000 people company. I asked him what they are doing to prepare for GDPR. He told me that they do not count to be compliant by May 2018. He seemed not too worried about the fines and told me that there are many companies which are in the same situation. He thinks there is not any hurry to become compliant by May and that eventually compliance will be achieved over time.
I was shocked, because it means that, from a CEO perspective, many businesses are not taking seriously the EU system, the related fines threat and in general the EU Laws. Possibly the EU will need to show if they are joking or not with this Privacy Law and with its enforcement.
So, how compliant do you reckon they are with "The Act on Processing of Personal Data (Act No. 429 of 31 May 2000)"?
If they are that badly off, most explicitly "38.8 percent do not have data processing agreements with their external partners" (although not having any DP training isn't exactly Principle 7 compliant), then they aren't exactly compliant with the current rules (unless Danish DP legislation is wildly different from the EU norm).
My partner is Danish and I spend a lot of time over there.
It's generally a no nonsense society and they tend to "say it as it is".
My feeling is that if firms across the rest of Europe were to answer this survey as honestly, we'd see similar results.
Agreed. Scandinavian are usually more candid and honest than rest of Europeans. You can blame me for stereotyping, reverse-racism (I am not Scandinavian) and generalizing, but the bottom line is that it's true.