More than a quarter of organizations globally are not prepared to comply with the European Union’s new General Data Protection Regulation (GDPR), which goes into effect today, according to a survey conducted by SAP Hybris.

In short, GDPR is all about personal data transparency and accountability on the part of data collectors. It requires companies with customers in EU member states to receive consent from individuals to collect and using their personal data, adding it can only be used for the stated purpose. It also gives individuals the right to see what data has been collected and calls for fast disclosure of any hacking or data theft event.

In SAP Hybris’s survey of 165 executives in marketing and ecommerce across five continents, 26% of respondents said they either didn’t have a plan in place to comply with GDPR or weren’t sure if a plan existed.

Another 50% of respondents said they have a plan in place and have started implementing changes, while 23% said they have a plan but haven’t taken action to implement it.

Of the 50% who have begun implementation, SAP Hybris found, 61% used an internal expert from a non-marketing function to inform the GDPR compliance plan, while 39% used an outside expert or consultant.

Those who said they have no GDPR plan in place had some interesting perspectives. Forty-two percent said they didn’t believe…