Data Loss Caused by Staff Negligence and Bad Practices

In May 2017, AIIM conducted a survey intended to assess the general readiness of businesses in relation to meeting the compliance requirements of GDPR, as we approach the May 2018 enforcement deadline. The results have been compiled into a new report along with our analysis of those results, and our recommendations on steps businesses can take to better prepare for GDPR enforcement day.

Understanding GDPR Readiness in 2017

Assessing the general readiness for meeting the compliance requirements of GDPR.

Thirty-one percent of respondents reported data loss or exposure within the last twelve months, according to new research by information management analysts at AIIM. The primary reasons cited are staff negligence or bad practices, not technology or hacking. Sixteen percent of our respondents reported internal or HR incidents due to unauthorized access. The result of these breaches is the exposure or loss of Personally Identifiable Information (PII) on employees, customers, or citizens.

The study, “Understanding GDPR Readiness in 2017,” asked respondents to assess the general readiness of their businesses in relation to meeting the compliance requirements of GDPR, as we approach the May 2018 enforcement deadline.

“As we sit one year following the passing of GDPR with less than a year left until enforcement, we asked our respondents about their level of readiness. One might think that given the amount of time to prepare in advance of enforcement, a significant number would have responded that they were fully prepared, yet the opposite is true,” said Bob Larrivee, Chief Analyst for AIIM. Larrivee continues, “We find that only six percent of our respondents feel they are fully prepared for GDPR at this time while twenty-five percent say they are thinking about it and seven percent say they have basically done nothing at all.”

Here are a few more points uncovered about GDPR and data privacy from this report:

  • Twenty-one percent feel their executives have little awareness (13%) to no idea (8%) of what GDPR is or means
  • Forty-seven percent say that their executives are aware of (26%) or fully understand (21%) the non-compliance implications of GDPR
  • Thirty-nine percent feel that strong Information Governance (IG) practices are key to managing data privacy

A copy of the report can be found here.

About AIIM
AIIM has been an advocate and supporter of information professionals for 70 years. The association’s mission is to improve organizational performance by empowering a community of leaders committed to information-driven innovation. AIIM is a global, non-profit organization that provides independent research, education, and certification programs to information professionals.
# # #
Sean McGauley
+1 (774) 364-2088
