Most U.S. Law Firms Not Fully Prepared for GDPR Compliance According to Wolters Kluwer’s ELM Solutions Survey

Wednesday, June 6, 2018 - 11:48
A majority (90%) of U.S. law firms surveyed by Wolters Kluwer’s ELM Solutions say data privacy and security are among their highest priorities. However, less than half (47%) feel fully prepared to address the new General Data Protection Regulation (GDPR) requirements that went into effect on May 25. Another 16% of respondents said they were somewhat prepared and more than a third (37%) had made no specific preparations.
Fewer than half of respondents (43%) had assigned a Data Protection Officer, a requirement of many organizations under GDPR. However, nearly 60% had assigned an individual, team or outside consultant to lead GDPR compliance efforts. Approximately 72% of those surveyed were also investing in cybersecurity solutions due to the new regulation. And 67% said they host annual data security training with employees or had performed training in the past 3 years. Seventy-four mid-to large-sized U.S. law firms responded to the May survey.
“Law firms, along with their corporate legal and legal operations counterparts, have made progress in readying themselves for GDPR, but there is still significant work to do,” said Barry Ader, Vice President of Product Management and Marketing for Wolters Kluwer’s ELM Solutions. “Given the substantial financial penalties imposed by the European Union for noncompliance, law firms and their corporate clients must work together to harmonize their data privacy and security policies and processes.”
Ader noted ELM Solutions has identified seven steps organizations and law firms should be taking to ensure they are in full compliance with GDPR to avoid the hefty financial and reputational penalties that will accompany violations. For more information on GDPR and compliance best practices, please visit ELM Solutions’ GDPR Resource Hub.