May 15, 2017
Having spoken with attorneys and information technology professionals across the country over the past few months, one common misconception I’ve heard is that “The GDPR doesn’t apply to my company.” The fact is, whether or not your company has offices in the European Union (EU), if you store or process any EU citizen data, the GDPR may affect you.
Going into effect May 25, 2018, the General Data Protection Regulation, or GDPR, is an EU regulation that will be globally enforced, requiring organizations to include explicit protections when handling EU data. Just to name a few of the requirements that can be especially complex to implement, particularly given today’s large volume of unstructured data stores, organizations will have to:
- Receive explicit consent for the data they collect and how it will be used;
- Provide individuals with access to their personal data;
- Be capable of correcting, erasing, and restricting the processing of personal data in particular instances, such as when an individual withdraws consent, or when the data is no longer being processed for the reason that it was originally collected.
To read the original article, please visit The Recorder.
The PDF version of this article is available for download.