That is to say, according to the IAPP-EY Annual Privacy Governance Report 2018, only 44% of companies say they are fully compliant
Firstly, organizations spend an average of $3M getting to GDPR compliance.
Secondly, only 44% of the companies reported that they are fully GDPR compliant.
Moreover, GDPR requires data controllers to report rapidly—within 72 hours of data breach discovery.
In addition, if an EU resident requests to be forgotten, you must eliminate all individual records that you process or control
The General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy for all individual citizens of the European Union (EU) and the European Economic Area (EEA). Moreover, it also addresses the transfer of personal data outside the EU and EEA areas.
That is to say, the GDPR aims primarily to give control to individuals over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.
In addition, the California Consumer Privacy Act (CCPA) is a bill that enhances privacy rights and consumer protection for residents of California, United States.