Different data protection laws and privacy regulations are emerging around the world. Nearly all organizations today recognize the need to meet the data regulatory requirements as there are strict penalties for noncompliance with it.
To come to terms with the EU General Data Protection Regulation (GDPR), organizations are actively investing in privacy programs. Some organizations who were initially afraid to invest had doubts if their investments in privacy could yield positive returns. But, according to a report Cisco 2020 Data Privacy Benchmark Study, the returns on privacy investments are positive.
For this, Cisco organized a survey that covered responses from 2,800 respondents in 13 countries, out of which 2,500 knew about privacy in their organizations. Respondents were asked to provide the size of their total annual spending on privacy, as well as the impact of it on their business based on the following tangible and intangible factors:
- reducing sales delays
- enabling agility and innovation
- making company more attractive to investors
- mitigating losses from data breaches
- achieving operational efficiency from data controls, and
- building loyalty and trust with customers.
The results revealed that the organization’s average spend on privacy was $1.2 M and the return they were getting back was $2.7 M. That makes privacy investment a wise decision.
Figure 1: Summarizes the annual privacy spending overall and by company size.
Figure 2: Summarizes the estimated return on privacy investment overall and by company size.
Combining the data on privacy investment and benefits, for every dollar a company spends on privacy and regulation, it receives $2.70 worth of benefit. In the survey of all the companies, almost half (47%) are seeing more than twofold return and more than 30% are breaking even. Only 8% have reported they received less in return in terms of benefits.
Robert Waitman, director of Privacy Insights & Innovation at Cisco, noted that privacy regulation has been a major factor that has driven companies’ efforts to protect their personal data. Strict actions and fines on noncompliance is another motivator.
More than 50% of the brands are ready for GDPR. 41% will be ready in one or more than a year, while just 3% have said they don’t feel GDPR applies to them.
“Companies that have become a little more mature and accountable from their privacy programs are getting their best returns. We have talked about $270 return on a 100, if you are investing a little more in that curve, it’s going to be $310 on that 100,” Waitman said.
However, he said companies could see their ROI drop should they have to comply with a variety of 50 U.S. state laws, as this will become complicated and would cost high for privacy programs to attach to laws with different requirements.
As more and more organizations are moving in this direction, they will need to adopt simple processes to show their customers how their data is being used and adopt technology solutions to adhere to the regulations in order to gain trust and transparency.