Last week I had a call about the new European Union General Data Protection Regulation (GDPR). It is a European rule that goes into effect on May 25, 2018, that could potentially effect companies worldwide.
After asking around, it seemed that not many industry participants are aware or ready to comply with this new data protection regulation. So I thought I would highlight it for you to check out with your regulatory counsel as needed.
The GDPR will order companies that obtain data from European Union citizens to give individuals greater control over how their personal data is collected and used. The GDPR envisions that even if a single EU-based citizen visits a company’s website that the company must comply with GDPR or risk enforcement activity.
Included in the GDPR are:
- Breach Reporting Requirements
- Consent Provisions
- Access and Correction Provisions
- The “Right to Be Forgotten”
To learn more and prepare as appropriate, please review the following documentation on:
All the feedback I have been receiving is that this is a big enough deal that you should pay attention and discuss with your attorney to ensure compliance. Because as they say “an ounce of prevention is worth a pound of cure.”
About the Author
Bill McClellan serves as ERA's Vice President of Government Affairs. Prior to joining the association, Bill worked as a lobbyist at the Georgia Automobile Dealers Association, covering the state legislature and Georgia's congressional delegation. Before working for the GADA, Bill managed political campaigns at both the congressional and state constitutional levels.