Let’s start with the basics. GDPR refers to Europe’s new General Data Protection Regulation that went into effect on May 25, 2018. And while this new regulation technically only applies to and protects EU citizens, the reality is that most companies have decided (for now) to move forward with a single set of updated privacy rules for all users. This is why you, as an internet user based in the US, have seen so many emails informing you of new privacy features and terms of service lately.
But as a business owner, understanding what GDPR compliance means, and the potential implications it may have on the way you collect customer data, is also important. If you are doing minimal business with consumers in the EU, then it may be easiest to segregate your data into EU-based contacts and non-EU-based contacts, and take extra precautions when using or sharing data from the EU-based contact list.
However, if your business is global (and in the age of the internet, many are), you may want to consider completely revamping your privacy policies and the way you use and store data to ensure full compliance across the board. At this point, no one is sure how aggressive EU regulators will be, but the stated maximum fines per violation are very steep (4% of a company’s global turnover or $20 million, whichever is greater), so understanding the implications GDPR has on your business is essential. And urgent.
The team at ATB is here to help you fully understand the implications GDPR might have on your small or medium-sized business, and from there, we can walk you through our recommended actions to ensure you are not putting your company at risk of a violation. Contact us today to schedule a complimentary consultation and learn more about our full range of IT consulting and security services.