Cross-border data transfer and data security regulations is a hot topic for our member companies. To gain a deeper understanding of the status and challenges in the compliance efforts, we recently conducted the flash survey “Cross-border Data Transfer Compliance”.
Key findings:
- Several challenges lead to relatively slow progress of compliance: Only 8% of companies which applied passed the review. 38 % of the survey respondent don't think that the law applies to them and more than 20% plan to fulfill their reporting obligations after the release of the “Draft Regulation" by the Cyberspace Administration of China.
- Multiple application creates heavy workload for German companies: Given that there is no restriction for each company choosing only one method of application, 42% try to make multiple compliance applications using several items.
- Low transparency is the main challenge during the application process: Half of the companies surveyed who applied see unclear regulatory requirements and the inability to keep up to date with the application progress as major concerns.
- Multiple internal and external factors complicate data processing: Vague definitions of important data (54%), unclear amount of data (50%) and heavy workload (50%) are the biggest challenges during the data processing for German companies.
- Many companies are still in a wait-and-see-mode: Two thirds of the companies that plan but have not yet started to apply think that they do not fall under the scope of the regulation and 56% wait for the release of the important data catalogue.
- Companies suffer from heavy costs: 85 % of surveyed companies have already made some investment. The biggest impact of compliance with cross-border data transfer are additional compliance costs (70%) and increased communication costs & risks for communication with headquarters (57%).
