Regardless of the industry a company is classified under, every company is responsible for upholding particular standards to ensure compliance with industry regulations. However, according to the 2016 State of Compliance survey, a shockingly high number of organizations were shown to be a bit fuzzy on their requirements.
More specifically, the survey (run by data management firm Liaison Technologies) showed that, of the 479 executives of medium-to-large-sized United States organizations surveyed, 47 percent were uncertain of which standards would even apply to their particular industry.
This uncertainty could cause enormous problems for an organization of any size. If an issue were to arise that complying with industry regulations could have prevented, the company in question would have a lot of very difficult answers to provide. What’s more, the issue could very well cause the company to fail, either directly, by hindering its activities to the point of bankruptcy, or indirectly, if client and customer faith in the company were shaken enough by its lack of preparation.
Look at it this way: if you had entrusted sensitive personal information to a company only to find out that their noncompliance with basic security standards had put you at risk, would you continue doing business with that company? It’s probably a safe bet that the answer is a resounding “no.”
However, the State of Compliance survey revealed that this very scenario could be happening all the time. For example, the Payment Card Industry Data Security Standard (PCI DSS) was only reported to be “applicable” in 3 percent of client responses, a number shockingly small when one considers that the PCI DSS applies to any and all entities that interact with cardholder data storage, processing, or transmission.
Making an already alarming situation even worse, a full quarter of survey respondents admitted that they were “unsure” of who in their operation held primary responsibility over information security and privacy. As a result, this full quarter of surveyed businesses could very easily have serious information security and privacy issues that have gone (or could later go) unnoticed.
Perhaps most disconcerting was the fact that a full 85 percent of respondents still felt secure in their jobs, whether or not their company exhibited any compliance issues.
We here at Palindrome Consulting think this is an unacceptable situation, and we would hope that you feel the same way. Moreover, we can help ensure that you are, in fact, fully compliant with any information-based regulations for your industry. For more information, give us a call at 305-944-7300.