Just how much could GDPR compliance be worth

May 24, 2018
Sphinx IT SAP GDPR compliance

GDPR compliance is lately surpassing in frequency words such as “hello”, “task” or “meeting” in the work environment. OK, perhaps this is exaggerated. Nevertheless, the 25th of May marks the official GDPR adoption deadline. All affected companies have had time to prepare.

Yet experience shows that all new rules take way beyond their official deadline to become fully adopted and materialized. The importance of GDPR compliance is something we will be hearing more about for some time, because there are bound to be incidents, questions to be answered, late procedures, or tips and tweaks about how to best implement the necessary measures.


Calculating how much GDPR compliance is worth


Perhaps you are aware of a similar amount from other sources, perhaps not. We looked at the data provided by a company that delivers critical  metadata intelligence on other organizations’ key operational systems.

They have conducted relevant research into 5 of the largest and most widely used application packages. The goal consisted of understanding the scale of the challenge when locating personal data for GDPR compliance. Partnering with their customers for the necessary informational input, Silwood revealed that protecting the data associated with leading-edge ERP systems is a complex task.

The discovery phase in this situation may present unexpected duration and sophisticated situations that need to be taken into account. Clearly the companies need at least consultancy from their SAP partners during the process, if not an active form of participation, or even specialized data privacy services.

The rough numbers?

Seems like in May 2018 “1% of data could cost 4% of annual turnover”.



Less than 1% of a typical SAP system contains the personal data that could cause GDPR breaches, but that may cost your organization up to 4% of its annual turnover come May.

Recommended steps:
•    Decide what categories of Personal Data are the object of GDPR compliance
•    Locate them quicker using discovery automation software
•    Analyze the relevant data content in a dedicated environment


+40 356 178 508


Office building

Sphinx IT
Republicii 9, 6th floor
RO-300159, Timişoara, România