Published: February 2019

Perhaps no other law has received the attention that the EU General Data Protection Regulation has in recent years. Not only has the GDPR been the subject of conferences, white papers and news headlines, but also a significant number of surveys has been conducted on how well organizations are prepared for it, as well as how much of their budgets they are allocating to compliance efforts. Indeed, given the importance of the roll-out of the GDPR, organizations have been conducting surveys on GDPR compliance for several years.

This abundance of survey data about GDPR-compliance efforts over the past several years allows for a meta-level analysis of how organizations’ attention and resources have been reallocated and expanded to meet the law’s requirements. This study aggregates the results of 12 different surveys conducted between September 2016 and July 2018 on organizational GDPR-compliance efforts before and after the May 25, 2018, implementation deadline to gain the deepest insight possible into compliance efforts and costs at the organizational level on a global scale.

This report presents the findings from that meta-analysis.