Data Privacy Spending: Latest Research
Nearly 100 percent of organizations will increase their spend on data privacy in the next 12 months, a new survey of large, U.S.-based companies found.
FTI Consulting, a Washington, D.C.-based global management advisor has produced a study, Future-Proofing Corporate Data Privacy: Budgeting and Solutions to Address Tomorrow’s Compliance Challenges, to address solutions, strategies and budgets companies have in mind to tackle emerging data privacy challenges over the next 12 months. An earlier report in the two-part series examined corporate data privacy. (see below)
Top line result: Organizations intend to significantly increase their spending on data privacy-related programs. Nearly 90 percent of the 500 respondents in the study are willing to risk not fully complying with privacy regulations to mine the value of their data.
Key findings include:
- 97 percent of organizations will increase their spend on data privacy in the coming year, with nearly one-third indicating plans to increase budgets by at least 90 percent.
- 78 percent agreed with the statement: “The value of data is encouraging organizations to find ways to avoid complying fully with data privacy regulation.”
- 87 percent of respondents believe that steps toward compliance will mitigate regulatory scrutiny.
- 44 percent said they expect lack of awareness and training to be the key data privacy challenge of the coming year.
Only 6 percent of organizations do not plan to change their privacy solutions, according to the study’s findings. Establishing a clear, consistent set of data privacy standards, updating agreements and contracts with external parties, reviewing standard data privacy practices of supply chains and building privacy-by-design programs top the list of solutions organizations plan to implement in the next 12 months.
“The survey demonstrated a general awareness and understanding of the many risks and challenges at play in the data privacy arena,” said Jake Frazier, a senior managing director at FTI. “That’s encouraging because as illustrated by the changed landscape affected by the COVID-19 pandemic,a proactive, engaged approach to compliance is invaluable,” he said.
In March, FTI released the initial report in the series, entitled Corporate Data Privacy Today: A Look at the Current State of Readiness, Perception and Compliance, again based on responses from 500 industry leaders.
Key findings include:
- 75 percent of organizations have made changes to their data privacy programs in the last 12 months.
- In the coming year, 97 percent of organizations will increase their spend on data privacy, with an average increase of 50 percent.
- Potential losses from a data privacy crisis event could reach $79 million.
- 75 percent said government and regulators exert extreme or significant privacy compliance pressure. Additional influence came from the board, the media, customers and competitors.
- 20 percent said they are impacted but not fully compliant with the General Data Protection Regulation.
- 28 percent are affected by but under-prepared for the California Consumer Privacy Act.
- 68 percent rated systems and technology as very effective tools for enabling data privacy compliance.
- 60 percent said their organization lacks the resources to ensure full compliance with data privacy regulations.
- 81 percent understand the issues but awareness isn’t translating to a prioritization of data privacy at more than one-third of organizations surveyed.
“Despite a majority of respondents citing a positive data privacy compliance self-assessment, feelings of vulnerability to exposure or enforcement continue to run high,” Frazier said upon the study’s release. The respondents may have “inflated self-assessments, lack of understanding about the realities of data privacy regulations or unwarranted fear about the extent of their risk,” he said.