Lack of awareness, changing requirements lead to compliance concerns

YARMOUTH, Maine — While respondents say they are confident their organizations are staying on top of compliance, they have reservations about maintaining that pace in the current environment, according to a recent SSN News Poll. 

Most respondents believe their organizations are compliant with current security regulations like GDPR, HIPAA, SOC 2 and others, with half voting that they are fully confident and the other half somewhat confident. Their concern lays more with their ability to continue meeting those requirements. 

One reason: Half of respondents report they are concerned there’s a lack of employee awareness or training when it comes to maintaining compliance with existing regulations.  

“The biggest issue is employee awareness,” wrote one respondent. “Many fail to understand the requirements and fail to correctly specify or fail to catch obvious required field adjustments. Engineering is usually weak, and the installations are frequently lacking in quality. This is usually caused by techs that don't know what they are doing.” 

The other half of respondents report ever evolving regulatory compliance and shifting global politics. It’s hard to maintain compliance when “faced with changing Euro/USA FCC/tariff regulations prohibiting products from entering our marketplace,” another reader stated. 

Fifty percent of respondents confirmed that their organizations either rarely or never conduct internal security audits or compliance assessments. Only one quarter of organizations conduct those audits quarterly (or more frequently).