The EU’s GDPR has been in place for nearly a year, but confusion and noncompliance still abound. This guide offers a detailed look at GDPR stipulations and their potential impact on your company.
From the guide:
Through the power of information technology, any enterprise that sells products or provides services via the internet is technically a global business. Regardless of whether your organization is a one-person operation selling novelty T-shirts or a Fortune 100 company providing sophisticated cloud computing solutions, you are likely to have customers residing outside your country of origin. In general, this is considered a good thing.
However, with that global reach comes certain responsibilities, some of which are codified in laws and regulations with specific, and potentially costly, consequences. For example, the European Union (EU) is enforcing a new set of regulations designed to protect the data security and the privacy of its citizens. Enforcement of the General Data Protection Regulation (GDPR) went into effect May 25, 2018, and is applicable to all EU residents and any business entity that transacts with them, regardless of the location of the business.
Put simply, if you have a customer living in an EU country and you collect any data from that customer as a result of a business transaction, you are subject to the rules and regulations of the GDPR. There are no exceptions for enterprise size or scope, which means any business with an internet presence is potentially subject to this law.
This guide explains what the GDPR is and how its provisions impact enterprises and their IT infrastructure.