LONDON: Companies have been urged to improve their arrangements for protecting privacy and customer data after a survey found less than half of organisations have a comprehensive privacy management programme in place.

Gartner, the IT research company, polled 221 organisations in North America, the UK and Germany in April and May 2013 and found only 43% expressed confidence that they fully met requirements.

Also, 7% acknowledged they did "the bare minimum" regarding privacy laws and more than a third considered privacy in an ad hoc fashion following Gartner's last survey in 2011, which recorded higher "maturity" levels than at present.

Maturity levels are a recognized means by which organisations can measure their progress against established benchmarks, ranging from "ad hoc" to "optimised" – the level at which regular reviews and feedback are used to ensure improvement.

Carsten Casper, research vice president at Gartner, called on organisations to refocus their privacy efforts if they wanted to raise the maturity level of their privacy programmes back to the level of 2011.

"Gartner's consistent observation is that privacy programmes are only successful if someone is driving them," he said, pointing out that only 66% of respondents said they have a defined privacy officer role.

He said a privacy officer would need broad experience and, in larger organisations, would require a team and additional support from senior management.

However, more positively, Gartner noted that 32% or organisations have increased the number of their privacy staff from last year, the largest increase since 2008.

The survey also found that, for the first time, more organisations are now using central global storage facilities for their customer data instead of local or regional centres.

The company will host a conference in Barcelona in mid-November to examine privacy trends and strategies.

Data sourced from Gartner; additional content by Warc staff