How employees and their organizations are prioritizing data privacy
Employees in the UK expressed greater understanding of privacy laws, and better training opportunities, than those in the U.S., the ObserveIT survey reveals.
The survey polled 1,000 full-time employees in the United States and United Kingdom to determine their understanding of their organizations’ current privacy regulations.
New policies and regulations dictating organizations’ handling of sensitive consumer information – such as the GDPR, the CCPA and Vermont’s data privacy law – have brought to light the need for companies across the globe to put the privacy of their customers and employees first.
It is important for organizations to adopt technology solutions and to invest in training to ensure all employees, partners and contractors understand regulations and the potential repercussions of non-compliance.
Employees can be an organization’s strongest defense for protecting sensitive information, but to do so, they need the right knowledge, training and support.
Key findings
Most employees handle sensitive information daily. Almost 60% of full-time employees in the U.S. (58%) and the UK (59%) are handling sensitive information every day; however, employees in the UK are far more aware of privacy regulations around protecting this data.
There is a lack of understanding of privacy laws in the U.S. versus UK. In the U.S. more than half (52%) of employees aren’t aware of any privacy laws dictating how organizations manage sensitive data, but in the UK only 17% of people are unaware these laws. Further, in the U.S., one-third of respondents say they aren’t aware of any privacy policies their organization abides by.
There is an opportunity for better training, especially in the U.S. Sixty-seven percent of employees in the UK feel they have ample training to ensure that customer data is protected in line with regional regulations versus 47% of employees in the U.S.
The jury is still out on whether or not employers are doing enough to keep employees’ personal information private. Forty-five percent of U.S. employees aren’t very confident their organization is taking the proper steps to protect their own personal information compared with 38% in the UK. Thirty-seven percent of respondents in the U.S. agree that privacy regulations are important for keeping sensitive employee and customer information secure.
GDPR has had a much greater impact on employees in the UK versus U.S. While 65% of UK employees say they are handling information differently with the introduction of GDPR, only 15% of employees in the U.S. even know what GDPR is. Further, UK employees have a strong understanding of their compliance responsibilities.
A year after the official implementation of GDPR, 84% of UK employees said they understand their data compliance obligations at work and 51% agree that their information is safer now with GDPR.
“Privacy regulations aren’t going away any time soon. In fact, over the next several years, we’ll likely see more regional policies go into effect as consumers demand more transparency around how their information is being used,” said Mike McKee, CEO of ObserveIT.