In less than six months Europe will undergo the biggest change in data protection rules and regulations ever. The European General Data Protection Regulation (GDPR) will be enforced starting May 2018. So how will the GDPR affect American businesses?
What is the GDPR?
This new legislation will ensure that the personal data of EU citizens is protected. This will include how the data is collected, stored, processed and disposed of.
How Will the GDPR Affect American Businesses?
will apply to companies within the EU and all companies worldwide that market goods and services to EU citizens. This new regulation will apply to businesses no matter their size.
Additionally, companies that control or process personal data relating to any EU citizen or monitors EU citizen must also comply with GDPR. Which is why it is imperative for all companies to prepare for the implementation of the GDPR. For certain companies, it will be mandatory to employ a data protection officer or DPRo to oversee compliance.
4 Ways the GDPR Matters to American Companies
Consent must be made clear, and inactivity does not constitute consent under Article 4. “Consent is defined as “any freely given, specific, informed, and unambiguous indication of his or her wishes by which the data subject, either by statement or by a clear affirmative action, signifies agreement to personal data relating to them being processed.”
2. Territorial Reach:
Companies outside of the EU what offer goods and services to EU citizens or monitor behaviors must remain compliant with GDPR rules.
3. Privacy Design:
Companies within the US must prove that they protect the data of EU citizens from sign-up to delivery.
4. Data Protection:
Be sure to fully understand the GDPR before deciding if your business does or does not need to employ a data protection officer.
While you prepare your business for GDPR ACAWise will continue to be your one-stop destination for keeping your business ACA compliant. Please comment, like, and share this informative blog with those who will be affected by GDPR.