Are you aware that your business could be subjected to sanctions if you handle any private information regarding European Union residents? The General Data Protection Regulation (GDPR) is a regulation by which the European Parliament, the Council of the European Union and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU). No matter location, all businesses are required to comply.
This article from Jason Steinberg discusses what businesses should do to avoid penalties and become compliant.
According to the FAQ page of the GDPR website (which you can find here) the GDPR was approved and adopted by the EU Parliament in April 2016 and the regulation was intended to take effect after a two-year transition period. Unlike a Directive it does not require any enabling legislation to be passed by government; meaning it will be in force May 2018.
As stated in the article:
"American companies are not exempt – GDPR applies to any business that processes consumer data belonging to EU residents, even if the company is outside the EU and even if the data is collected, stored, secured, and processed outside of the EU."
All of this begs the question: What should a business do now to make sure it is ready? For the answer, read the full Jason Steinberg article: What Steps Should Every Business Take Now To Be Compliant With GDPR
Find even more information relating to GDPR requirements, deadlines and facts in this CSO article.