For better or worse, it’s almost here. On May 25, after a two year transition period, a strict new regulation designed to protect personal data used for business purposes in the EU -- the General Data Protection Regulation (GDPR) -- will become effective. As many of those impacted know, this will have significant implications for organizations worldwide (including potentially hefty fines for noncompliance), regardless of whether they operate in the EU. That’s because the GDPR’s scope is extraterritorial, and requires any organization in any location to adhere to specific rules when processing (i.e., collecting, using, storing, sharing, or deleting) any personal data related to any EU activities. Or, put another way, even if a company isn’t based in the EU and has no operations there, it must still comply with the GDPR if it receives and processes data from an EU-based customer. But are organizations ready for this potentially onerous new requirement?
Sign up to download Not yet GDPR compliant? Here’s how to minimize your organization’s risk