CA Technologies Study Highlights Gaps in Use of Personal Data in Evolving Regulatory Landscape

More Than 90 Percent of Organizations Report the EU General Data
Protection Regulation Will Impact the Way they Collect, Use and Process
Personal Data

commissioned by CA Technologies (NASDAQ: CA) found that current
application test data management practices are not adequate to meet the
compliance requirements of the EU General Data Protection Regulation
(GDPR). In fact, only 31 percent of respondents believed that their
organizations’ current testing practices fully comply with the GDPR,
which will affect any business that handles European personal data.

“With businesses across all industries increasingly expanding their
global presence, the impact of new regulations such as the GDPR is going
to be felt more quickly and intensely than many realize,” said Jeff
Scheaffer, general manager, Continuous Delivery, CA Technologies.
“GDPR’s definition of personal data, combined with high fines – €20
million or 4 percent of an organization’s global annual revenue,
whichever is greater – should put IT and application teams on high alert
to safeguard personal data across both development and testing

In the study titled “EU
General Data Protection Regulation: Are you ready for it?,”
majority of respondents were not completely confident that their
organization could meet two of the key provisions of the GDPR known as
the “Right to be Forgotten” and the “Right to Data Portability.” When it
came to identifying, erasing and providing customers with their data:

  • Only 33 percent were very confident that every piece of customer data
    could be identified promptly across all systems and applications.
  • Only 34 percent are completely confident that their organization can
    erase every instance of a customer’s (test) data without delay.
  • Less than half (43 percent) would be fully able to provide a customer
    with their data in a format accessible by them and transmissible to
    other formats, and
  • A surprising 10 percent currently say that they cannot do this at all.

The study also found that organizations will need to change core
processes with more than 90 percent of respondents reporting that the
regulation will impact how they collect, transfer, use, process, store
and send/receive personal data outside the EU. The top technological
challenges identified by 88 percent of survey participants as a
potential risk to GDPR compliance include:

  • sensitive data stored inconsistently (54 percent)
  • multiple copies of production data stored across the corporate network
    (48 percent)
  • technical debt or poorly understood data models (30 percent)
  • ad hoc sharing of test data across personal test machines (25 percent)

To meet the GDPR’s May 25, 2018 deadline, almost nine in ten (89
percent) businesses stated that they need to invest in new technologies
and services that include encryption (58 percent), analytic and
reporting (49 percent) and test data management (47 percent)

“To ensure businesses can continue to trade and compete in today’s
digital world, companies that have significant dealings with the EU and
its citizens need to reevaluate their approach to managing test data
sets and invest in the processes and tools that will ensure they meet
the GDPR compliance standards,” continued Scheaffer.

CA Technologies continues to help customers address GDPR requirements
through its broad portfolio that includes test
data management
, security,
and mainframe
solutions. These innovations enable organizations to confidently embark
on their compliance journey to protect data in mainframe, distributed,
cloud and mobile environments. For more information visit,


Study Methodology

Vanson Bourne conducted the CA Technologies-sponsored study of 200 IT,
and risk and compliance decision makers in the US and UK at enterprise
organizations with revenues of over $1 billion or more in financial
services, manufacturing, retail, telecommunications and public sector
industries. For additional details, see the report “EU General Data
Protection Regulation: Are you ready for it?”

About CA Technologies

CA Technologies (NASDAQ:CA) creates software that fuels transformation
for companies and enables them to seize the opportunities of the
application economy. Software is at the heart of every business in every
industry. From planning, to development, to management and security, CA
is working with companies worldwide to change the way we live, transact,
and communicate – across mobile, private and public cloud, distributed
and mainframe environments. Learn more at

Follow CA Technologies

  • Twitter
  • Social
    Media Page
  • Press
  • Blogs
  • Legal Notices

    Copyright © 2016 CA, Inc. All rights reserved. All trademarks, trade
    names, service marks, and logos referenced herein belong to their
    respective companies.


    CA Technologies
    Michelle Laidlaw, +1 631-342-4701