Starting in May of 2018 the new General Data Protection Regulation (GDPR) will go into effect in the European Union (EU). This sweeping regulation is unique in that it applies to companies of any size that process personal data of citizens of the EU. Penalties for noncompliance can soar as high as 20 million Euros ($23.5 million) or 4% of annual global turnover.
Unlike prior data privacy laws in the EU, GDPR applies to all companies processing personal data of EU citizens, regardless of where the company is located. GDPR was enacted to require consistent protection to data subjects across the European Union. Requirements range from system design and consent requirements to providing data subjects with data upon demand.
U.S. companies doing business in the EU need to quickly evaluate next steps to be in compliance by May 2018.
Key Questions to Ask Now:
The Process, Risk & Governance specialists at Frazier & Deeter can help you understand both your current state and actions you need to take to comply with GDPR.
Send a message to one of the listed GDPR specialists to get started.