Concern about the strict new General Data Protection Regulation continues to focus on security at expense of data privacy

93% of companies are worried about the storage of their data in the cloud after the General Data Protection Regulation (GDPR) and 91% are concerned about how the new rules will affect cloud services, according to new research from Calligo, a world-leading cloud solution provider.

The figures were in a survey of 500 IT decision-makers in companies with more than 100 employees and £15 million turnover, examining how businesses are preparing for the new regulation which comes into force next May.

Despite the severe penalties for infringing the GDPR, only 14% said worries about meeting their obligations under the new privacy laws with the wide-ranging new rules for handling and storing data are uppermost on their minds. Security and breaches are the largest area of concern, selected by 41% of respondents.

In relation to cloud services, 46% are concerned about the GDPR’s complexity, yet just 15% highlighted privacy.

“While our research shows that companies are rightly concerned about how the GDPR will affect the cloud, it is apparent that many are not helping themselves,” said Julian Box, CEO, at Calligo. “Although 89% claim to be very or quite clear about how GDPR will affect their organisation, they don’t seem to be giving due weight to meeting these new privacy obligations.”

“Of course, security is a huge concern, but it is only one part of the GDPR jigsaw that all organisations storing personal data of EU citizens have to have in place before the enforcement deadline on 25th May next year.” Box added “There is little point putting a ring of steel around data you shouldn’t have.”

More than half of respondents (52%) said the GDPR will not affect how they use cloud services, ranging from 40% in the legal sector to 100% in education.

Fewer than half (49%) of respondents said continuing doubts about the Privacy Shield (allowing EU citizens’ data to be held in the US in compliance with EU law) would affect their use of hyperscale cloud. Only 26% said they choose a cloud provider because they are confident about its GDPR effectiveness, whereas 41% make their choice based on scalability.

In other findings, the research revealed that the average amount respondents said their organisation is willing to spend on preparing for GDPR is £1.67 million.