Survey from ObserveIT Reveals U.S. and UK Differences in Employees’ Awareness and Training Around Data Privacy Policies
ObserveIT, the leading insider threat management platform with more than 1,900 customers around the world, today announced findings from a survey revealing how employees and the organizations they work for are prioritizing data privacy. The survey polled 1,000 full-time employees in the United States and United Kingdom to determine their understanding of their organizations’ current privacy regulations.
New policies and regulations dictating organizations’ handling of sensitive consumer information such as The General Data Protection Regulation (GDPR), the California Consumer Privacy Act and Vermont’s data privacy law – have brought to light the need for companies across the globe to put the privacy of their customers and employees first. It is important for organizations to adopt technology solutions and to invest in training to ensure all employees, partners and contractors understand regulations and the potential repercussions of non-compliance. Employees can be an organization’s strongest defense for protecting sensitive information, but to do so, they need the right knowledge, training and support.
Key findings from the survey include:
Most employees handle sensitive information daily. Almost 60% of full-time employees in the U.S. (58%) and the UK (59%) are handling sensitive information every day; however, employees in the UK are far more aware of privacy regulations around protecting this data.
There is a lack of understanding of privacy laws in the U.S. versus UK. In the U.S. more than half (52%) of employees aren’t aware of any privacy laws dictating how organizations manage sensitive data, but in the UK only 17% of people are unaware these laws. Further, in the U.S., one-third of respondents say they aren’t aware of any privacy policies their organization abides by.
There is an opportunity for better training, especially in the U.S. Sixty-seven percent of employees in the UK feel they have ample training to ensure that customer data is protected in line with regional regulations versus 47% of employees in the U.S.
The jury is still out on whether or not employers are doing enough to keep employees’ personal information private. Forty-five percent of U.S. employees aren’t very confident their organization is taking the proper steps to protect their own personal information compared with 38% in the UK. Thirty-seven percent of respondents in the U.S. agree that privacy regulations are important for keeping sensitive employee and customer information secure.
GDPR has had a much greater impact on employees in the UK versus U.S. While 65% of UK employees say they are handling information differently with the introduction of GDPR, only 15% of employees in the U.S. even know what GDPR is. Further, UK employees have a strong understanding of their compliance responsibilities. A year after the official implementation of GDPR, 84% of UK employees said they understand their data compliance obligations at work and 51% agree that their information is safer now with GDPR.
“Privacy regulations aren’t going away any time soon. In fact, over the next several years, we’ll likely see more regional policies go into effect as consumers demand more transparency around how their information is being used,” said Mike McKee, CEO of ObserveIT. “We’re committed to helping organizations navigate this privacy-centric business environment by providing a deep understanding of user and data activity, ensuring the information of their customers and employees remains secure.”