The General Data Protection Regulation is now EU law and will come into effect on May 25, 2018, bringing with it a host of challenges for organizations throughout the world. While the law is termed “general,” it might more accurately be called “global.”
No matter where a company is headquartered, if it holds data on EU citizens, non-compliance could result in steep fines. With due diligence, these fines, which can add up to over $20 million or 4 percent of a company’s annual global turnover, can be avoided. However, the challenges are multifaceted: a company must comply internally and must also work with service providers that adhere to the provisions of GDPR.
Vetting the ability of service providers to comply with GDPR before engaging them is a great way to get a jump start on ensuring a company’s entire compendium of data is up to scratch.
Getting your own house in order isn’t enough
GDPR replaces the pre-social media Data Protection Directive, and seeks to enshrine into law EU citizens’ right to control how personal data is stored, processed, and shared.