BERLIN, Sept. 27 (Xinhua) -- Only 24 percent of German companies have fully implemented the new General Data Protection Regulation (GDPR) in their business to date, according to a survey published by the German digital association Bitkom on Thursday.
"The results are disillusioning," said Susanne Dehmel, managing director of Bitkom for law and safety, four months after the new data protection rules of the European Union came into effect.
According to the study, 40 percent of companies in Germany have implemented most of the regulations, but three out of 10 companies are only partially meeting the requirements. And about 5 percent of the German companies have just begun making the required adjustments.
The results are in line with a previous Bitkom survey published in May 2018, in which only 24 percent of the companies surveyed stated that they would complete the implementation of the EU data protection regulations by the deadline of May 25, 2018.
"Many companies have clearly misjudged themselves on the implementation of the GDPR. For others, the complete implementation is probably not a time-related problem, but an ideal that cannot be achieved at all," stated Dehmel.
According to the Bitkom study, eight out of 10 German companies complained about a higher cost for their day-to-day business because of the GDPR. And 96 percent of companies surveyed are demanding that the new rules should be improved and six out of 10 companies said that the GDPR must be simplified. The first priority in this regard would be a fundamental simplification of the data protection regulations for smaller companies.
"Completely new data protection obligations are difficult to manage, especially for small businesses," added Dehmel.
The GDPR restricts companies in their handling of customer or user data and the passing on of personal data is made more difficult. Consumers must be informed if personal data such as names, postal addresses, e-mail addresses and ID numbers are collected. The new rules also include the right of oblivion, allowing users to request the deletion of their personal data.
