The new European Union General Data Protection Regulation (GDPR) took effect on Friday, May 25, 2018, but many companies are still hard at work becoming compliant with this broad and stringent regulatory scheme governing privacy and data security. This new law reaches companies located in the United States who process any information (personal data) of identified or identifiable natural persons (data subjects) located in the European Economic Area (EEA), and regulates how, when and what security measures apply to the processing of that personal data by businesses. Personal data may be anything from a business contact’s email address to IP addresses of European visitors to a company’s website to human resources data on European employees. The penalties for violation can be steep – €10 million to €20 million or 2% – 4% of annual global turnover – whichever is greater. For additional details on the GDPR, please see 4 SCARY Facts about the New European Union General Data Protection Regulation.
View entire article here.