TrustArc Whitepaper

GDPR Compliance Benchmarking

Fill out this form to download the TrustArc Whitepaper

At the International Conference of Data Protection and Privacy Commissioners in Hong Kong we released our latest study: GDPR Compliance Benchmarking: Measuring Accountability. The study spans multiple industries, including 46 organisations that completed a GDPR benchmark. These 46 organisations were either entirely located in the EU or were global organisations with EU operations. In either case, only the EU operations were baselined. The largest concentration of industries was in finance and manufacturing. With this research in hand, we are now able to provide some practical knowledge to measure and enhance your organisation’s GDPR compliance efforts.

To gather this information, we leveraged the Nymity Privacy Management Accountability Framework™ and Nymity Benchmarks™ (an automated solution for baselining and benchmarking organisational privacy management). The framework is a comprehensive list of technical and organisational measures, structured into 13 categories and was developed after years of research and on the ground workshops around the globe learning what organisations do to practically implement privacy management. It has been mapped to hundreds of laws and privacy frameworks, as well as the GDPR, making it an excellent, industry and jurisdiction-neutral tool to gauge GDPR readiness. When we mapped the GDPR to the framework, we identified 39 GDPR articles that create obligations to put in place a technical or organisational measure to demonstrate compliance and those 55 measures were used to gather data from the 46 participating organisations in our research.


TrustArc is the leader in privacy compliance and data protection solutions and offers an unmatched combination of innovative technology, services and TRUSTe certification solutions. TrustArc addresses all phases of privacy program management and has been delivering innovative privacy solutions for two-decades to companies across all industries. The TrustArc platform leverages deep privacy expertise and proven methodologies, which have been continuously enhanced through thousands of customer engagements. Headquartered in San Francisco, and backed by a global team across the Americas, Europe, and Asia, TrustArc helps customers worldwide demonstrate compliance, minimize risk and build trust. For additional information visit 

© 2019 TrustArc Inc    |    Privacy Policy