IAPP in collaboration with EY and EY Law produced the “IAPP EY Annual Privacy Governance Report” which analyzes the state of the privacy profession in 2021 examining the ongoing effects of the COVID-19 pandemic on the privacy profession, including the evolution of remote/hybrid/office work.
The report also covers the future of business travel, legal compliance issues related to the EU General Data Protection Regulation and California Consumer Privacy Act, as well as the progress of organizations in adapting to new laws, including the California Privacy Rights Act and other U.S. state laws, as well as Brazil’s General Data Protection Law.
Major Privacy Law Updates around the World:
1. In July, the most important GDPR decision was issued when Luxembourg’s National Commission for Data Protection imposed an unprecedented 746 million euro fine on Amazon for alleged violations of the GDPR.
2. Recently the Irish Data Protection Commission’s 225 million euro fine against WhatsApp is more than the total of all other GDPR fines that have been imposed since the law went into effect.
3. In August, China adopted the Personal Information Protection Law, which is set to go into effect Nov. 1.
4. South Africa’s Protection of Personal Information IAPP-EY Annual Privacy Governance Report 2021 Act came substantively into force July 1.
5. At the state-level in the U.S., privacy laws continue to advance from passage to implementation and enforcement.
Major Highlights from the Report:
1. Privacy budgets have increased significantly since last year, with the average privacy spend among organizations being $873,000.
2. 45% of organizations are planning to hire at least one or two new privacy professionals over the next six months.
3. Most firms said they usually take at least a few days to respond to DSRs, with nearly 4 in 10 saying they take at least a week.
4. Regarding CCPA compliance, 26% of firms to which the law is applicable reported being in full compliance, while 41% reported being very compliant.
5. 20% of firms to which the GDPR is applicable rated themselves as fully compliant with the law, while 43% said they are very compliant.
6. Six in 10 organizations have a dedicated team in place for handling DSRs, with access requests and right-to-erasure requests being the two most common.
7. Top 5 data records collected from employees during Covid 19 were: Health status information, Temperature, Covid 19 test results, Contact tracing information, and vaccination records.
8. Most businesses that transfer data out of the EU have either continued to rely on or switched to using SCCs, which were updated by the European Commission in June.
9. 30% of the Privacy professionals report to the General Counsel, 18% to the CEO, and 16% to the CCO while the rest of them report to VP, Board of Directors, or the CFO.
10. The most common job title for an organization’s privacy leader is Chief Privacy Officer, followed by DPO and Director of Privacy.
Some privacy management statistics from the past year:
1. The most common metrics used for benchmarking involve incident response, impact assessments, training, and DSRs. Access requests and right-to-erasure requests are the most common DSRs across firms, with at least two-thirds receiving them.
2. Some of the most common audits or certifications that organizations require from entities that process their data include ISO 27001 (28%), SOC2 Privacy (22%), or some internally developed assessment (17%).
3. More than half of organizations handle DSRs manually, while 1 in 3 has automated the process. Organizations most frequently use privacy technologies for DSRs (40%), data mapping (39%), cookie consent/website scanning (39%), privacy and data protection impact assessments (37%), consent management (35%), and third-party risk management (32%).
4. 67% of survey respondents this year have a CIPP credential, up from an average of about 59% over the past 3 years.
5. Nearly 6 in 10 privacy pros said that complying with cross-border data transfer laws is their most difficult task.
6. Nearly half (48%) of firms have a single global privacy strategy.
7. More than 7 in 10 firms transfer data from the EU to a third country; SCCs are used by nearly all (94%) of them.
8. 10% of firms chose to localize data, stop transfers or halt related services as a result of the CJEU’s ‘Schrems II’ decision.
9. 3 in 4 firms have a DPO, with 15% outsourcing the role (up from 8% in 2020)
10. 6 in 10 organizations with an in-house DPO said the position handles matters across all countries, while 4 in 10 have country-specific DPOs.
11. The countries most likely to have a dedicated DPO are Germany, the UK, and Brazil.
12. Firms have an average of 18 full- or part-time privacy staff, with more in the EU than the US.
13. Privacy spending has increased significantly since 2020, with the typical (median) organization’s privacy budget being $350K.
14. 6 in 10 privacy pros expect their budget to increase over the next 12 months, while almost none expect it to decrease.
15. Privacy policies, training, and incident response are among the tasks virtually all privacy teams are responsible for.
16. US-based privacy pros focus more on vendors, CCPA and LGPD, and consumer sentiment than EU.
17. 6 in 10 firms have had a privacy program for 3 to 9 years, up from just half in 2020.
18. 8 in 10 of the privacy professional respondents of the survey work for a firm headquartered in either the US (54%), EU (16%), or UK (10%). About half (47%) of respondents are based in the US, 19% in the EU, and 14% in the UK.
Report source credits: EY
whoah this weblog is magnificent i really like studying your posts.
Stay up the great work! You already know, many individuals
are hunting around for this information, you could help them greatly.
Fantastic perspective! I found myself nodding along. For additional info, click here: LEARN MORE. What’s everyone’s take?
I blog frequently and I truly appreciate your information.
This article has really peaked my interest.
I’m going to take a note of your website and keep checking for new information about once a week.
I subscribed to your Feed as well.
I am not sure the place you are getting your info, however
good topic. I needs to spend some time finding out much more or
working out more. Thanks for great info I was searching for this info for
my mission.
Looking for reliable appliance repair services you can trust? Our expert technicians are here to get your appliances running smoothly again. Whether it’s a malfunctioning refrigerator, a broken dishwasher, or a faulty washer and dryer, we provide fast, efficient, and affordable repairs. With years of experience and a commitment to quality, we ensure that every job is done right the first time. We pride ourselves on transparent pricing, honest assessments, and exceptional customer service. Don’t let appliance issues disrupt your day—call us today and get back to normal with our reliable repair services. Your satisfaction is our top priority!
buy prescription drugs online without: Canada pharmacy online – vacuum therapy for ed
indian pharmacy online Indian online pharmacy ship to usa best online pharmacy india
best ed solution: canadian pharmacy – ed medicines
prednisone 5 tablets: prednisone – prednisone tablet 100 mg
where can i buy amoxicillin without prec https://prednisoneraypharm.com/# prednisone 20mg online pharmacy
buy prednisone online no prescription: prednisone – prednisone drug costs
amoxicillin 500mg capsule https://amoxilcompharm.com/# buy cheap amoxicillin
prednisone daily: ray pharm – purchase prednisone from india
generic prednisone cost: Prednisone Without Prescription – prednisone tablets
cost of amoxicillin 30 capsules http://prednisoneraypharm.com/# can i buy prednisone online in uk
where to buy prednisone without prescription: ray pharm – where to buy prednisone uk
buy priligy max pharm: max pharm – dapoxetine online
generic ivermectin cream: iver fast – ivermectin tablets
mexico drug stores pharmacies https://mexicanpharmgate.com/ mexico pharmacies prescription drugs
mexico drug stores pharmacies https://mexicanpharmgate.com/ mexican border pharmacies shipping to usa
lisinopril1st: Lisinopril 1st – buy Lisinopril 1st