Many companies are unprepared to comply with the GDPR—and in some cases, they're unaware that its rules will apply to them. This chart and related resources will help you assess your liability.
The deadline for complying with the EU's General Data Protection Regulation (GDPR) is just around the corner: May 25, 2018. Companies in the EU as well as those outside it that deal with EU residents must comply with new data privacy laws or face steep penalties—up to 4% of their annual global turnover, or €20 million, whichever is greater.
Unfortunately, reports suggest that many businesses are ill-prepared to meet the deadline for compliance. A recent survey conducted by data management provider Solix found that 22% of organizations don't realize that they must comply with the GDPR if they hold data of EU citizens, even if those organizations are based outside the EU. And a government report cited in a recent ZDNet article said that fewer than half of businesses understand the new legislation or are taking steps to prepare for compliance.
The infographic below offers a simple flowchart to help you determine whether your business could be subject to the GDPR provisions for collecting and processing personal data from EU citizens.
- Data classification policy (Tech Pro Research)
- Intrusion detection policy (Tech Pro Research)
- Incident response policy (Tech Pro Research)
- GDPR compliance policy (Tech Pro Research)
- GDPR compliance checklist (Tech Pro Research)
- EU General Data Protection Regulation (GDPR): A cheat sheet (TechRepublic)
- What is GDPR? Everything you need to know about the new general data protection regulations (ZDNet)
- Video: The major technology challenges raised by the GDPR (TechRepublic)
Is your organization subject to the GDPR provisions? What steps have you taken to prepare for compliance? Share your advice and experiences with fellow TechRepublic members.