connecting-1191647-1278x851Where’s the impact? That’s the question many are asking as the EU General Data Protection Regulation (GDPR) continues its phase-in process. The GDPR, set forth by the European Commission, is intended to strengthen and unify data protection for EU residents.

By extending the scope of the EU data protection law to apply to all foreign companies processing data of EU residents, the law is intended to help non-European companies better comply with the data protection regulations.

But oh, the risks that come with such change. To start, companies will be required to maintain documentation to show compliance. Also, there must be a clear consent proven before processing personal data. Then there’s the data protection impact assessment, another requirement. Plus, companies will be expected to employ data protection by design methodology.

These requirements, among others, apply to businesses of all sizes.

There are plenty of gray areas, too. For example, E-Discovery, and whether it prevails over data privacy regulations, is a still-undefined area.
The GDPR is due to take effect May 25, 2018, but companies are working now to ensure compliance before the rule takes hold.
Further discussion:
  • Advisen will host a webinar titled “Understanding the Impact of GDPR on Customers and the Insurance Market” on December 7th at 11 am ET. To register, visit the webinar registration page.
  • ISACA has archived their webinar, titled “What the GDPR Will Mean to Global Businesses”, held this past January. To access the webinar, visit the ISACA website.
  • Mintz Levin is offering two upcoming webinars on data protection officers and data transfer from the EU. To register, visit the company’s cvent invitation.

About the author