A survey undertaken by security provider Skyhigh Networks, a Cupertino, California based company, on the 7,000 cloud companies in its network, has revealed that only 1% of cloud providers would comply with all aspects of the new EU General Data Protection Regulation (“GDPR”).

“It’s staggering how few cloud providers are prepared for the new EU regulations,” EMEA director at Skyhigh Networks Charlie Howe said in a statement. “Fortunately, there’s still time for providers to get into shape. This means addressing a number of complex issues now.”

We summarised the main points of GDPR in a previous post and have also discussed its subsequent endorsement by the EU Parliament. In brief, the GDPR will apply to EU companies that process personal data and non-EU companies that process EU citizens’ personal data obtained from selling or marketing goods and services to EU citizens. In stark contrast to the current law’s non-existent penalties, the proposed penalties for non-compliance with the GDPR will allow for a fine of 5% of a company’s annual revenue or up to €100 million.