GDPR Services: Gross Disconnect in Perception and Reality - Services PEAK Matrix™ Assessment 2018

29 Jun 2018
by Chirajeet Sengupta, Yugal Joshi, Nisha Krishan

The European Union’s adoption of General Data Protection Regulation (GDPR), that has come into effect from May 2018, directly impacts all companies based in, or doing business with companies/individuals based in the European Economic Area (EEA). This has put pressure on organizations to comply with its stipulated requirements for data (both steady state and in-transit).

As enterprises invest in their compliance, security, and risk initiatives, they are relying on the support of service providers to not only discover sensitive and personal data, but also enable their GDPR compliance. Service providers, as a result, are investing in developing capabilities to enable this GDPR journey for their clients. These investments include development of proprietary solutions to discover data, expansion of their partner ecosystems, and nurturing of their workforce to be GDPR-ready.

In this research, we present the assessment and detailed profiles of eight IT service providers featured on the GDPR services PEAK Matrix™. Each service provider profile presents a comprehensive picture of its service suite, scale of operations, and domain investments. The assessment is based on Everest Group’s annual RFI process for the calendar year 2017, interactions with leading GDPR service providers, client reference checks, and an analysis of the GDPR services market. The report covers the following:

  • Market trends in the GDPR services space
  • Imperatives for enterprises and service providers
  • PEAK Matrix assessment of GDPR service providers
  • Profiles of eight GDPR service providers


Application Services


Page Count: 55