Personal data – lost in space

(July 4, 2017 - Bonn) Most companies are not fully prepared for the new EU GDPR. As a survey by the international organization AIIM reveals, only six percent of the responding companies are ready for the regulation — although it comes into effect in less than one year. The study also exposes serious weaknesses in data security: 31 percent of the respondents cite data loss or exposure in the last 12 months due to staff negligence or bad practices.

By now, most companies are well aware of the EU General Data Protection Regulation (EU GDPR) and the major changes it will bring about. But how well prepared are they for it? The AIIM asked its members this question — and the results are alarming. Less than a year away from the enforcement date, only six percent say they are fully prepared for the EU GDPR. Furthermore, 25 percent say they are "thinking about it," and 7 percent admit that they have not done anything at all to ensure the protection of personal data and to meet the requirements regarding the release and deletion of information. Those who know how complex organizational and infrastructure projects can be also know that time is running out.

ECM ensures data protection and availability

Nevertheless, 74 percent want to develop information governance (IG) policies to comply with the EU GDPR; 57 percent intend to take data cleansing measures to ensure data quality and integrity. Enterprise content management (ECM) solutions such as Doxis4 offer a consistent technological platform for securely managing and storing data and documents from a number of systems. Such solutions help companies to identify and securely store personal data, while also enabling them to provide or delete personal information on the data subject's request. ECM solutions assist companies in establishing long-term data protection that complies with the EU GDPR. They prevent data loss or exposure, to which almost one-third of the respondents admitted experiencing in the last 12 months. The respondents listed staff negligence and bad practices in handling data as the reasons behind this. ECM is not a cure-all, but it does offer a secure and stable foundation for information governance. The SER solution Doxis4 safeLock gives companies a way to automatically manage retention rules and deletion deadlines, for example, for contracts. Once the legal retention period is over, deletion locks can be removed if, say, a customer or employee demands deletion according to the EU GDPR.

The intent of the EU General Data Protection Regulation is to strengthen data protection for individuals within the EU. In cases of non-compliance, penalties of up to several million euros are possible. The regulations affect not only European companies, but also international ones that conduct business in the EU. The AIIM took the current discussion of the EU GDPR as an opportunity to survey its members in May 2017 about their readiness for the new regulation. Approximately 700 members of the AIIM community took part in the survey.

You can read the complete AIIM Report "Understanding GDPR Readiness in 2017"* here:

*© AIIM 2017,

Logo aiim
Logo aiim

Press contact

Please don't hesitate to contact us for press inquiries via email or phone.

SERgroup Holding International GmbH
Public Relations
Joseph-Schumpeter-Allee 19
D-53227 Bonn


Ms. Maureen Cueppers
Phone: +49 (0) 228 90896-0

How can we help you?

+49 (0) 30 498582-0
Please add 7 and 6.

Your message has reached us!

We appreciate your interest and will get back to you shortly.

Contact us