Market Overview

45 Days to Go: 76% of U.S. Organizations Are Concerned About Meeting the GDRP Deadline


Only half of U.S. businesses will invest in public cloud services and
ensure compliance with data protection regulation requirements like GDPR

NetApp (NASDAQ:NTAP) – With 45 days until the May 25 enforcement date of
the EU's General Data Protection Regulation (GDPR), NetApp, the data
authority for the hybrid cloud, today released research findings from a
global survey of IT decision makers across the U.S., UK, France, and
Germany. The survey shows that these decision makers are still missing
an opportunity to transform their business through a holistic data
management approach that reduces risk and improves business efficiency.
For nearly two years, most organizations have lagged in addressing their
GDPR compliance, and in some cases are ignoring the issue completely. In
doing so, they are ignoring the benefits to be gained from the
compliance effort, including developing a data-centric approach to
control, manage, and move data regardless of where it's stored – on
premises or in the cloud. A data-centric approach drives improved
efficiencies and competitive advantage and unifies data governance
practices across organizations to drive down cost.

According to the report:

  • 40% of U.S. businesses and 35% of global businesses think that GDPR
    could threaten their existence due to financial penalties, while 52%
    of U.S. businesses and 50% of global businesses think that it could
    lead to reputational damage.
  • Only 52% of U.S. businesses and 39% of global businesses are confident
    that they know where their data is stored.
  • 63% of U.S. businesses continue to invest in private cloud services
    and ensure compliance with data protection.

"The survey responses are surprising, given that the key capabilities
required for ensuring data privacy and complying with the GDPR are also
essential for increasing business efficiency and competitiveness," said
Elizabeth O'Callahan, NetApp vice president, Legal. "GDPR compliance
requires organizations to know where their data is and to be able to
classify data and control the lineage of data – all capabilities that
are essential for data analytics initiatives designed to deliver
accurate business insight. These capabilities are also fundamental to
the success of other digital transformation and omnichannel marketing
initiatives, including mobile networks, AI and machine learning, IoT,
robotics, and more."

In light of frequent high-profile data breaches, a GDPR-compliant data
privacy program will also establish trust among customers and partners.
Companies that embrace GDPR compliance can create a clear competitive
differentiation in the marketplace.

NetApp understands the process and legal requirements that GDPR imposes
on organizations that store, process, or hold data on EU residents.
NetApp is one of fewer than 100 companies in the world that have
EU-approved Binding Corporate Rules (BCRs), and NetApp partners with the
world's top governance, risk, and compliance (GRC) consultancies and
e-discovery vendors. NetApp can help customers integrate NetApp®
and partner technologies to enable them to identify where personal
information is held, improve their data management and governance
processes, and build GDPR-compliant processes into their day-to-day

"Companies that control their data control their destiny, so it is
surprising to see that despite the risk-reduction and operational
benefits of GDPR compliance, so many businesses are still struggling to
meet the deadline," said Bill Miller, NetApp CIO. "The good news is that
there is still time to engage a GDPR expert to help prioritize and
complete the most critical GDPR compliance tasks and ensure that you,
your partners, and your cloud providers know where your company's data
is stored. Most important, organizations need to shift their thinking.
Every step they take to comply with the GDPR makes them a stronger

Annual NetApp GDPR Survey

The NetApp GDPR survey was conducted across a database of 1,100 C-suite
and IT managers responsible for IT buying decisions in the United
Kingdom, United States, France, and Germany, working in companies with
100 or more employees, to understand attitudes and readiness toward
cloud services, data needs, and the level of awareness and preparedness
for the upcoming GDPR legislation.

Additional Resources

About NetApp

NetApp is the data authority for hybrid cloud. We provide a full range
of hybrid cloud data services that simplify management of applications
and data across cloud and on-premises environments to accelerate digital
transformation. Together with our partners, we empower global
organizations to unleash the full potential of their data to expand
customer touchpoints, foster greater innovation, and optimize their
operations. For more information, visit

NETAPP, the NETAPP logo, and the marks listed at
are trademarks of NetApp, Inc. Other company and product names may be
trademarks of their respective owners.

View Comments and Join the Discussion!