GDPR Compliance: 10 Steps for Global Companies
An immense volume of personal data (or personally identifiable information) is proliferating and flowing throughout the world. Personal data is an incredibly valuable asset to companies but data protection and privacy laws across the world are increasingly regulating its collection and use. In particular, the EU's General Data Protection Regulation (GDPR), which automatically takes effect in member states on May 25, will bring substantial new compliance requirements and potential large fines.
It is not just organizations with an EU establishment that need to be concerned with GDPR compliance; the GDPR has extra-territorial effect and non-EU established organizations will also be subject to the GDPR to the extent they process the personal data of individuals in the EU in relation to (i) offering goods or services to those individuals in the EU, or (ii) monitoring their behavior within the EU.
These organizations will need to evaluate their processes for handling employee and client personal data. Below are 10 steps they should take to ensure they are on the right track.
Continue reading "GDPR Compliance: 10 Steps for Global Companies".