The date on which companies need to be in compliance with the General Data Protection Regulation (GDPR) is approaching fast. Find out when this deadline is and what it means for businesses worldwide.
If your business has customers who live in the European Union, you have an important deadline approaching. On May 25, 2018, you need to be in compliance with the General Data Protection Regulation (GDPR).
Passed by the EU Parliament in 2016, GDPR is designed to provide data privacy rights to EU citizens and protect them from data breaches. This legislation spells out numerous requirements that companies must meet, such as:
All companies that collect, process, or store the personal data of EU citizens are required to comply with GDPR’s requirements, no matter where the organizations are located. For instance, US and Canadian businesses that have customers who live in the European Union must adhere to the regulation.
The penalties for noncompliance are high. The maximum fine, which is reserved for the most serious violations, is €20 million (around $24 million USD) or 4% of a company’s annual global turnover (whichever is greater). The fine structure is tiered, so smaller fines will be levied for less serious infractions.
There are resources available to help businesses understand the GDPR requirements. The official website, EUGDPR.org, has an extensive list of articles, videos, and other types of resources. Its sister site, EUGDPR.com, provides GDPR updates and news.
Some IT vendors also offer GDPR resources, many of which are free. Here are a few examples:
Many blogs and articles are also available to help companies understand GDPR.