It's important to understand what GDPR means for your business. The days of business and industry being a largely domestic affair are long gone! Now, the world is a much smaller place thanks to technology and the internet, which means that even if your business is based in the U.S., you need to follow certain pieces of legislation that other countries put forward, such as the GDPR, a new data privacy law from the European Union.
GDPR stands for General Data Protection Regulation. According to the EU, the GDPR was “designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens data privacy and to reshape the way organizations across the region approach data privacy.” It covers a wide range of topics. Here are some of the specifics:
You might be wondering why all the fuss. After all, you are based in the US and this is an EU rule, right? Not exactly. GDPR applies “to the processing of personal data by controllers and processors in the EU, regardless of whether the processing takes place in the EU or not,” writes the GDPR Portal.
“The GDPR will also apply to the processing of personal data of data subjects in the EU by a controller or processor not established in the EU, where the activities relate to offering goods or services to EU citizens (irrespective of whether payment is required)… Non-EU businesses processing the data of EU citizens will also have to appoint a representative in the EU.”
While the GDPR will most impact e-commerce, travel, hospitality, and software, any company with web content designed to appeal to EU residents will be affected, and the cost of non-compliance can be steep. Any breach of the terms of GDPR would mean that a company – your company – could be fined the greater of 20 million EUR or 4 percent of global annual turnover.
According to Gartner, only around 50 percent of companies are going to be compliant by the end of 2018 – don’t let that be your company. Even if most of your customers or website visitors are stateside, you don’t want to risk a penalty.
Prepare for GDPR by seeing where you currently stand with regard to compliance.